Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...
Computer Weekly

North Korean social engineering campaign targets MacOS users

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...

North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...

I knew about North Korean hackers—they still tricked me and got into my computer

A source reached out to me over Telegram. I didn’t realize his account was compromised until it was almost too late.
The Daily Hodl

Verifiable Bitcoin Accounts for Institutional Bitcoin. Your Custody, Your Terms.

Threshold Network today announced Verifiable Bitcoin Accounts (VBA), a new framework for institutional Bitcoin deployment ...

How A Roblox Cheat Download Triggered A $2 Million Hack At Vercel

How A Roblox Cheat Triggered A $2 Million Breach At Vercel. Why The Vercel Incident Changes The Economics Of Enterprise AI ...

Kalshi Clone Script: A Simple Guide for Education Purposes

A high-quality clone script usually includes: Easy registration, wallet management, and market participation. Admins can ...

Bitwarden CLI npm package compromised to steal developer credentials

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

6 crypto scam scripts criminals use to steal your money

Learn the most common cryptocurrency scam scripts, from fake investments to romance fraud, and how to recognize warning signs ...