North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

July 31, 2024 at 09:45AM
A malware campaign, DEV#POPPER, is targeting software developers across Windows, Linux, and macOS systems. Linked to North Korea, the threat actors use social engineering to trick victims into divulging information or downloading malicious software. The campaign uses obfuscated JavaScript and Python backdoors, along with enhanced obfuscation and remote monitoring to …

Bogus npm Packages Used to Trick Software Developers into Installing Malware

April 27, 2024 at 02:00AM
A social engineering campaign named DEV#POPPER is targeting software developers with fraudulent job interviews, leading them to download and execute malicious npm packages, including a Python backdoor. The campaign is linked to North Korean threat actors. They disguise themselves as employers to distribute malware, indicating ongoing efforts to enhance their …

Fake job interviews target developers with new Python backdoor

April 26, 2024 at 10:23AM
A campaign named “Dev Popper” is targeting developers with fake job interviews to trick them into downloading and running a Python remote access trojan (RAT), enabling the threat actors to gather system information and gain remote access. Analysts suspect North Korean involvement based on observed tactics. Similar tactics have been …

First Wave of Vulnerability-Fixing AIs Available for Developers

November 10, 2023 at 07:59AM
GitHub has introduced a new code scanning autofix feature as part of its Advanced Security program. The feature uses CodeQL, GitHub’s static-analysis scanner, to identify critical vulnerabilities in code and suggest fixes. This AI-powered tool aims to reduce developers’ time spent on fixing issues and improve the efficiency of vulnerability …

Malicious NuGet packages abuse MSBuild to install malware

October 31, 2023 at 10:29AM
A new NuGet typosquatting campaign has been discovered that uses malicious packages to exploit Visual Studio’s MSBuild integration and install malware. This campaign targets Windows users and is the first documented case of threat actors leveraging this feature in malicious NuGet packages. The attackers continually refine their techniques, with earlier …