Cryptopolitan on MSN

Malicious packages empty dYdX user wallets

dYdX has been targeted by bad actors using malicious packages to empty its user wallets.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
Information Age

North Korean hackers pose as tech recruiters

The FBI warned in 2023 that “thousands of skilled IT workers” were moving abroad from North Korea and setting up as freelance IT professionals, warning recruiters to be wary of remote workers who ...

Open source registries don't have enough money to implement basic security

Free beer is great. Securing the keg costs money fosdem 2026 Open source registries are in financial peril, a co-founder of ...

North Korean Graphalgo Campaign Uses Fake Job Tests to Spread Malware Scam

The post North Korean Graphalgo Campaign Uses Fake Job Tests to Spread Malware Scam appeared first on Android Headlines.
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the ...