Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
Decrypt

Ransomware Hackers Targeting Employee Monitoring Software To Access Computers

Workforce monitoring software was abused in two cases of attempted ransomware attacks, researchers from Huntress found.

An AI agent just tried to shame a software engineer after he rejected its code

Sign of the times: An AI agent autonomously wrote and published a personalized attack article against an open-source software ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...
SecurityWeek

RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India

India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).

Scammers Are Sending Fake Invites With Malware

Malwarebytes Labs has identified a new scam in which threat actors are using party invites to trick users into installing a ...