CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
JD Supra

North Korea-linked threat actors utilize falsified companies and job interviews to distribute malware

A threat actor group with ties to the Democratic People’s Republic of Korea (“North Korea”) called Contagious Interview is using front companies to spread malware through fake job interviews. This ...
CSOonline

Contagious Interview attackers go ‘full stack’ to fool developers

The originators of the Contagious Interview cyberattack campaign are stitching GitHub, Vercel, and NPM together into a development and delivery pipeline to drop malware. Researchers at Socket have ...
Hosted on MSN

New macOS malware chain could cause a major security headache - here's what we know

Jamf reports North Korean actors using fake job ads and ClickFix tactics to target macOS users Victims are tricked into running curl commands in Terminal, installing FlexibleFerret backdoor malware ...
The Hacker News

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

North Korean PurpleBravo hackers targeted 3,136 IPs and 20 companies using fake interviews, malicious VS Code projects, and BeaverTail malware.