April 14, 2025 By Tushar Subhra Dutta
A sophisticated threat actor group dubbed “Slow Pisces” has emerged as a significant threat to software developers, employing deceptive coding challenges as an initial attack vector to distribute Python-based malware.
The campaign specifically targets developers through professional networking sites, coding forums, and development platforms with seemingly innocuous programming puzzles that conceal malicious payloads.
Security researchers have observed these attacks increasing in frequency since January 2025, with victims primarily located in technology hubs across North America and Europe.
