Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
SecurityWeek

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Critical Apple Flaw Exploited in ‘Sophisticated’ Attacks, Company Urges Rapid Patching

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices.
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
InfoWorld

Go 1.26 unleashes performance-boosting Green Tea GC

New garbage collector promises a 10% to 40% reduction in garbage collection overhead in real-world programs that rely heavily on garbage collection.
Security Boulevard

Hackers Use LLM to Create React2Shell Malware, the Latest Example of AI-Generated Threat

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...
Technobezz on MSN

Microsoft warns that Python infostealers now target macOS at scale

Microsoft warns that Python-based infostealers are increasingly targeting macOS, harvesting sensitive data and challenging ...