Lucene search
K

58 matches found

Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview tailwind-grid-tools is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview pretty-text-formatter is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.5 views

Malicious Package

Overview bcryptjs-nodejs is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.1 views

Malicious Package

Overview tailwindcss-setfontstyle is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview tailwindcss-setfont is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.2 views

Malicious Package

Overview cookie-mapper is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. On...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.4 views

Malicious Package

Overview tailwindcss-forms is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview chai-as-deploy is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

9.8CVSS7.2AI score
Exploits0References3
Snyk
Snyk
added 2025/11/30 1:14 p.m.3 views

Malicious Package

Overview react-ui-notify is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

9.8CVSS7.2AI score
Exploits0References3
Malwarebytes
Malwarebytes
added 2025/11/26 2:11 p.m.4 views

Fake LinkedIn jobs trick Mac users into downloading Flexible Ferret malware

Researchers have discovered a new attack targeting Mac users. It lures them to a fake job website, then tricks them into downloading malware via a bogus software update. The attackers pose as recruiters and contact people via LinkedIn, encouraging them to apply for a role. As part of the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/14 6:25 p.m.8 views

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/17 1:33 p.m.6 views

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/16 2:56 p.m.6 views

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People's Republic of Korea aka North Korea has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/15 7:17 a.m.16 views

North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/27 5:42 p.m.5 views

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview aka DeceptiveDevelopment refers to a persistent attack campaign that employs social engineering lures, with the hacking crew...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/14 10:43 a.m.19 views

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land " – and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it's full of stuff they don't 🤫 want you to know. So let's...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/09 1:33 p.m.23 views

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview tha...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/22 12:14 p.m.62 views

North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns

North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious...

7.2AI score
Exploits0
Rows per page
Query Builder