Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
CNX Software

Mimiclaw is an OpenClaw-like AI assistant for ESP32-S3 boards

MimiClaw is an OpenClaw-inspired AI assistant designed for ESP32-S3 boards, which acts as a gateway between the Telegram ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
SecurityWeek

New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices

ZeroDayRAT mobile spyware provides full remote access to Android and iOS with live camera feeds, key logging, bank and crypto ...