Fake job recruiters hide malware in developer coding challenges
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users
Attacker Socially Engineered Developer With Phishing EmailA hacker laced 18 popular npm packages with cryptocurrency stealing malware after socially engineering the developer into giving up his credentials to the JavaScript runtime environment. Aikido Security said the 18 software packages collectively have downloads of more than two billion each week.
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn that a similar attack with a slightly more nefarious payload could quickly lead to a disruptive malware outbreak that is far more difficult to detect and restrain.
Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript (JSC) malware called JSCEAL that can capture data from credentials and wallets
'Marstech1' Malware Targets Developers Through GitHub RespositoryNew North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that's apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December.
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems
Damage likely limited to those running bots with private key access Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven Luscher.…
The extension employs various JavaScript scripts to manipulate users' browsers
We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the automated features of the malware, we found that the threat actor abused legitimate test framework Easyclick to write a Javascript-based automation script for functions such as clicks and gestures.