TI Mindmap HUB
Threat Intelligence Report

OceanLotus suspected of distributing ZiChatBot malware via wheel packages in PyPI | Securelist

πŸ“… May 7, 2026 πŸ“° securelist.com πŸ” 0 CVE(s) referenced

OceanLotus launched a sophisticated global supply chain attack by uploading malicious Python packages to PyPI, covertly deploying the new ZiChatBot malware that uses Zulip’s public chat APIs for command and control.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

πŸ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

πŸ“Š Visual Mindmap
🎯 IOC Extraction
βš”οΈ MITRE ATT&CK TTPs
πŸ“¦ STIX 2.1 Bundle