Fake job recruiters hide malware in developer coding challenges
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group
Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment
Backdoored Python Packages Likely Work of 'Gleaming Pisces,' Says Palo AltoA North Korean hacking group with a history of a stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an apparent attempt at a supply chain attack.
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. [...]
North Korean Prediliction for Elaborate Social Engineering Attacks Strikes AgainLikely North Korean threat actors are using fake job interviews to trick software developers into downloading disguised Python backdoors as part of an ongoing espionage campaign. Pyongyang hackers have a history of constructing elaborate social engineering ruses.
An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as a VMware vSphere connector module named vConnector. [...]
North Korean state-sponsored hackers are behind the VMConnect campaign that uploaded to the PyPI (Python Package Index) repository malicious packages, one of them mimicking the VMware vSphere connector module vConnector. [...]
Three additional malicious Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors