Researchers expose North Korean scheme to “rent” developer identities
Threat actor recruits real engineers willing to act as a figurehead for remote work, offering 20–35% of the salary while DPRK agents secretly perform the job.
The extensions attempt to steal GitHub, npm, and OpenVSX credentials, as well as cryptocurrency wallet data.
This is the first time Gamaredon has been observed conducting destructive attacks rather than traditional espionage operations.
The issue came to light when numerous users reported that Google Play Protect abruptly began blocking SmartTube and flagging it as unsafe.
The operation ran in four phases that gradually transformed benign add-ons into powerful spyware.
The malware is delivered via dropper apps spread through social engineering lures.
The flaw was exploited by a pro-Russian hacktivist group known as TwoNet in an attack on a honeypot disguised as a water treatment facility.
Authorities seized three servers in Switzerland, along with the platform’s domain.
In brief: An Oracle IM flaw exploited in the wild, Russia’s Gamaredon and North Korea’s Lazarus have been observed working together, and more.
The attackers are believed to have gained initial access by compromising a managed service provider.