Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

These Malicious AI Assistants in Chrome Are Stealing User Credentials

AI-powered browser extensions continue to be a popular vector for threat actors looking to harvest user information.
CyberGuy

Android malware hidden in fake antivirus app

Hackers abused Hugging Face to spread Android malware through a fake antivirus app. Here is how it works and how to protect your phone.
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.