In The News
September 12, 2024

Infosecurity: Lazarus Group targets developers in fresh VMConnect campaign

Lazarus Group has been observed continuing its VMConnect campaign by targeting developers with new malicious software packages on open source repositories, according to ReversingLabs.
September 12, 2024

CSO: Fake recruitment campaign targets developers using trojanized Python packages

North Korean attackers pose as recruiters for financial firms to lure developers into executing trojanized Python projects on their machines as part of fake job interviews.
September 11, 2024

Bleeping Computer: Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.
September 11, 2024

Hacker News: Lazarus Group uses fake coding tests to spread malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.
September 3, 2024

Dark Reading: Evolving npm package campaign targets Roblox devs, for years

Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.
August 28, 2024

Cyber Ranch: What Is In Your Commercial Software? with Sasa Zdjelar

Your organization runs on commercial software far more than it does open source.