A newly discovered Python-based backdoor is exploiting tunneling services to steal sensitive credentials from web browsers and cloud platforms. The malware establishes covert communication channels that bypass traditional security measures, allowing attackers to extract login information and authentication tokens without detection. Security researchers at Zscaler ThreatLabz are warning organizations to monitor for unusual tunneling traffic patterns as this attack method becomes increasingly popular among cybercriminals.