The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...
The Hacker News

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor

Cisco Talos tracks UAT-10027 targeting U.S. education and healthcare with Dohdoor DoH-based backdoor and Cobalt Strike ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Infosecurity Magazine

North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks

The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking ...