North Korean Hackers Deploy New “AkdoorTea” Backdoor

North Korean hackers are intensifying their global campaign against cryptocurrency and Web3 developers, using a new backdoor ...
Hackaday

This Week In Security: Randomness Is Hard, SNMP Shouldn’t Be Public, And GitHub Malware Delivery

Randomness is hard. To be precise, without dedicated hardware, randomness is impossible for a computer. This is actually ...
SecurityWeek

North Korea’s Fake Recruiters Feed Stolen Data to IT Workers

A North Korean threat actor is supplying stolen developer information to the country’s horde of fraudulent IT workers, ESET ...
GovInfoSecurity

Stop Malware at Build Time, Not Runtime

Dustin Kirkland of Chainguard explains how verified, hardened components and AI-powered automation can prevent malware ...

North Korea's Lazarus Group shares its malware with IT work scammers

North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools ...

Malicious Rust packages on Crates.io steal crypto wallet keys

Two malicious packages with nearly 8,500 downloads in Rust's official crate repository scanned developers' systems to steal ...
Infosecurity Magazine

Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

The attackers used process hollowing against RegAsm.exe, patched Windows defenses such as AMSI and ETW and unpacked further ...
SecurityWeek

PyPI Warns Users of Fresh Phishing Campaign

PyPI, the default platform for Python's package management tools, is warning users of a fresh phishing campaign.
WeLiveSecurity

DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception

ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.
The Hacker News

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

North Korea’s Contagious Interview spreads AkdoorTea and TsunamiKit to steal crypto and infiltrate global developers.
CSO Online

Evolved PXA Stealer wraps PureRAT in multi-layer obfuscation

The stealer campaign has evolved into a multi-stage delivery chain that ultimately deploys the modular, feature-rich PureRAT.
Research Snipers

A Steam Game’s Malicious Update Steals $32,000 From a Cancer Streamer’s Livestream

The case of the Latvian streamer Raivo Plavniek is particularly tragic, known as RastlandTV. The content creator, suffering ...