Signal

Deep#Door Python backdoor evades detection and steals credentials on Windows


Published 2026-04-30 12:36 UTC
Updated 2026-04-30 15:00 UTC
Tags: cve, exploits, malware, incident_response
Evidence trail (top sources)
Deep#Door Python Backdoor Evades Detection On Windows
Infosecurity Magazine · News · infosecurity-magazine.com · 2026-04-30 15:00 UTC
limited source diversity in top sources
Overview

Security researchers have revealed a new Python-based backdoor framework named Deep#Door that targets Windows systems. This stealthy malware uses tunneling and obfuscation techniques to evade detection, disable Windows security controls, and establish persistent access.

Entities: Deep#Door
Score total: 1.02
Momentum 24h: 2
Posts: 2
Origins: 2
Source types: 1
Duplicate ratio: 0%
Why now
  • The backdoor was recently disclosed, highlighting an emerging threat to Windows environments.
  • Use of Python and tunneling reflects evolving malware sophistication.
  • Early awareness can help defenders update detection and response strategies.
Why it matters
  • Deep#Door uses advanced evasion techniques, making detection difficult for security tools.
  • It targets sensitive credentials including browser and cloud accounts, risking data breaches.
  • Disabling Windows security controls increases the persistence and impact of the malware.
LLM analysis
Topic mix: low
Promo risk: low
Source quality: medium
Recurring claims
  • Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
How sources frame it
  • Security Researchers: neutral
All evidence
Deep#Door Python Backdoor Evades Detection On Windows
Infosecurity Magazine · infosecurity-magazine.com · 2026-04-30 15:00 UTC
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
thehackernews · thehackernews.com · 2026-04-30 12:36 UTC
Top publishers (this list)
  • Infosecurity Magazine (1)
  • thehackernews (1)
Top origin domains (this list)
  • infosecurity-magazine.com (1)
  • thehackernews.com (1)