#contagiousinterview — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #contagiousinterview, aggregated by home.social.
-
Contagious Interview diventa un worm: Void Dokkaebi trasforma 750 repository in vettori auto-propaganti contro gli sviluppatori
Il gruppo APT nordcoreano Void Dokkaebi (Famous Chollima) ha trasformato le sue finte offerte di lavoro in un attacco supply chain capace di propagarsi automaticamente: basta aprire un repository clonato in VS Code per attivare payload nascosti in commit manipolati. A marzo 2026, Trend Micro ha mappato oltre 750 repository infetti, 500 task.json malevoli e staging C2 su Tron, Aptos e Binance Smart Chain. -
Contagious Interview diventa un worm: Void Dokkaebi trasforma 750 repository in vettori auto-propaganti contro gli sviluppatori
Il gruppo APT nordcoreano Void Dokkaebi (Famous Chollima) ha trasformato le sue finte offerte di lavoro in un attacco supply chain capace di propagarsi automaticamente: basta aprire un repository clonato in VS Code per attivare payload nascosti in commit manipolati. A marzo 2026, Trend Micro ha mappato oltre 750 repository infetti, 500 task.json malevoli e staging C2 su Tron, Aptos e Binance Smart Chain. -
Contagious Interview diventa un worm: Void Dokkaebi trasforma 750 repository in vettori auto-propaganti contro gli sviluppatori
Il gruppo APT nordcoreano Void Dokkaebi (Famous Chollima) ha trasformato le sue finte offerte di lavoro in un attacco supply chain capace di propagarsi automaticamente: basta aprire un repository clonato in VS Code per attivare payload nascosti in commit manipolati. A marzo 2026, Trend Micro ha mappato oltre 750 repository infetti, 500 task.json malevoli e staging C2 su Tron, Aptos e Binance Smart Chain. -
Contagious Interview diventa un worm: Void Dokkaebi trasforma 750 repository in vettori auto-propaganti contro gli sviluppatori
Il gruppo APT nordcoreano Void Dokkaebi (Famous Chollima) ha trasformato le sue finte offerte di lavoro in un attacco supply chain capace di propagarsi automaticamente: basta aprire un repository clonato in VS Code per attivare payload nascosti in commit manipolati. A marzo 2026, Trend Micro ha mappato oltre 750 repository infetti, 500 task.json malevoli e staging C2 su Tron, Aptos e Binance Smart Chain. -
Contagious Interview diventa un worm: Void Dokkaebi trasforma 750 repository in vettori auto-propaganti contro gli sviluppatori
Il gruppo APT nordcoreano Void Dokkaebi (Famous Chollima) ha trasformato le sue finte offerte di lavoro in un attacco supply chain capace di propagarsi automaticamente: basta aprire un repository clonato in VS Code per attivare payload nascosti in commit manipolati. A marzo 2026, Trend Micro ha mappato oltre 750 repository infetti, 500 task.json malevoli e staging C2 su Tron, Aptos e Binance Smart Chain. -
Tracking an OtterCookie Infostealer Campaign Across npm
#OtterCookie #ContagiousInterview
https://panther.com/blog/tracking-an-ottercookie-infostealer-campaign-across-npm -
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
#ContagiousInterview #npm #PyPI #Packagist
https://socket.dev/blog/contagious-interview-campaign-spreads-across-5-ecosystems -
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
#ContagiousInterview #npm #PyPI #Packagist
https://socket.dev/blog/contagious-interview-campaign-spreads-across-5-ecosystems -
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
#ContagiousInterview #npm #PyPI #Packagist
https://socket.dev/blog/contagious-interview-campaign-spreads-across-5-ecosystems -
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
#ContagiousInterview #npm #PyPI #Packagist
https://socket.dev/blog/contagious-interview-campaign-spreads-across-5-ecosystems -
North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads
#ContagiousInterview #npm #PyPI #Packagist
https://socket.dev/blog/contagious-interview-campaign-spreads-across-5-ecosystems -
First instance of PylangGhost RAT observed on npm
#PylangGhostRAT #ContagiousInterview #npm
https://kmsec.uk/blog/pylangghost-npm/ -
GitLab Threat Intelligence Team reveals North Korean tradecraft
#ContagiousInterview
https://about.gitlab.com/blog/gitlab-threat-intelligence-reveals-north-korean-tradecraft/ -
RE: https://social.troll.academy/@mushu/115937976404644181
https://runjak.codes/posts/2026-01-21-adversarial-coding-test/
Seems really similar to a recently reported variant of a North Korean state aligned campaign, ContagiousInterview. They've moved to VS Code tasks now
https://www.jamf.com/blog/threat-actors-expand-abuse-of-visual-studio-code/
https://opensourcemalware.com/blog/contagious-interview-vscode#DPRK #ContagiousInterview #lazarus #LazarusGroup #FamousChollima
-
Hunting Lazarus: Inside the Contagious Interview C2 Infrastructure
#ContagiousInterview
https://redasgard.com/blog/hunting-lazarus-contagious-interview-c2-infrastructure -
NK Hackers Push 200 Malicious npm Packages with OtterCookie Malware https://hackread.com/nk-hackers-npm-packages-ottercookie-malware/ #ContagiousInterview #Cybersecurity #CyberAttack #OtterCookie #BeaverTail #NorthKorea #Security #Malware #Lazarus #NPM
-
Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks
#ContagiousInterview #OtterCookie
https://socket.dev/blog/north-korea-contagious-interview-npm-attacks -
North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks https://www.securityweek.com/north-korean-hackers-targeted-hundreds-in-fake-job-interview-attacks/ #ContagiousInterview #cryptocurrency #Nation-State #NorthKorea #jobs
-
North Korean Hackers Targeted Hundreds in Fake Job Interview Attacks https://www.securityweek.com/north-korean-hackers-targeted-hundreds-in-fake-job-interview-attacks/ #ContagiousInterview #cryptocurrency #Nation-State #NorthKorea #jobs
-
🔥 Hot summer, sizzling crypto... and scammers turning up the heat 🔥
Back in March, Sekoia #TDR team published a deep-dive report on a #Lazarus cluster we dubbed #ClickFake Interview, leveraging the #ClickFix technique in their #ContagiousInterview campaign.
-
🔥 Hot summer, sizzling crypto... and scammers turning up the heat 🔥
Back in March, Sekoia #TDR team published a deep-dive report on a #Lazarus cluster we dubbed #ClickFake Interview, leveraging the #ClickFix technique in their #ContagiousInterview campaign.
-
🔥 Hot summer, sizzling crypto... and scammers turning up the heat 🔥
Back in March, Sekoia #TDR team published a deep-dive report on a #Lazarus cluster we dubbed #ClickFake Interview, leveraging the #ClickFix technique in their #ContagiousInterview campaign.
-
🔥 Hot summer, sizzling crypto... and scammers turning up the heat 🔥
Back in March, Sekoia #TDR team published a deep-dive report on a #Lazarus cluster we dubbed #ClickFake Interview, leveraging the #ClickFix technique in their #ContagiousInterview campaign.
-
good thing the US is gutting beneficial ownership regulations that would make it easier to understand who actually owns US trusts and corporations while simultaneously trashing both crypto enforcement at the DOJ but also more generally cyber defense
"The companies, Blocknovas LLC and Softglide LLC, were set up in the states of #NewMexico and New York using fake personas and addresses."
* Reuters: https://www.reuters.com/sustainability/boards-policy-regulation/north-korean-cyber-spies-created-us-firms-dupe-crypto-developers-2025-04-24/
* Technical details from Silent Push: https://www.silentpush.com/blog/contagious-interview-front-companies/#DPRK #NorthKorea #hackers #crypto #cybersecurity #infosec #uspol #Nypol #newyork #uspolitics #contagiousInterview #Github #lazarusGroup
-
North Korea actors use OtterCookie malware in Contagious Interview campaign – Source: securityaffairs.com https://ciso2ciso.com/north-korea-actors-use-ottercookie-malware-in-contagious-interview-campaign-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #ContagiousInterview #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #BreakingNews #OtterCookies #SecurityNews #NorthKorea #hacking #Malware #APT
-
🇰🇵 ☠️ Multiple #NorthKorean state actors continue running #malware campaigns against #npm #developers, stealing credentials and financial assets.
https://blog.phylum.io/north-korea-still-attacking-developers-via-npm/
#dprk #moonsleet #contagiousinterview #CyberSecurity #javascript #typescript #opensource #hacking #nodejs