Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
The Hacker News

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

UNC1069 targets crypto firms via Telegram lures, fake Zoom meetings, and multi-stage malware to steal credentials, browser data, and funds.

Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries.
CSO Online

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

The campaign used a compromised Telegram account, a fake Zoom meeting, and AI-assisted deception to trick victims into ...