Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.

Claude LLM artifacts abused to push Mac infostealers in ClickFix attack

Threat actors are abusing Claude artifacts and Google Ads in ClickFix campaigns that deliver infostealer malware to macOS users searching for specific queries.
Decrypt

Ransomware Hackers Targeting Employee Monitoring Software To Access Computers

Workforce monitoring software was abused in two cases of attempted ransomware attacks, researchers from Huntress found.
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...