CSOonline

Fake recruitment campaign targets developers using trojanized Python packages

The number of attacks looking to compromise developer machines has exploded in recent years. There has been a barrage of malicious packages uploaded to public registries such as PyPi and npm, ...
Bleeping Computer

Fake job interviews target developers with new Python backdoor

A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are ...
Bleeping Computer

Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part ...
Dark Reading

GitHub Developers Hit in Complex Supply Chain Cyberattack

An unidentified group of threat actors orchestrated a sophisticated supply chain cyberattack on members of the Top.gg GitHub organization as well as individual developers in order to inject malicious ...
SiliconANGLE

Sophisticated software supply chain attack hits Top.gg, compromises GitHub accounts

Researchers at application security testing firm Checkmarx Ltd. today detailed a recently discovered software supply chain attack that targeted Top.gg, a popular search and discovery platform for ...
ExtremeTech

Fake Job Interviews Trick Developers Into Installing Python Trojan

No one loves being asked mid-interview to prove their chops with a short assignment: The pressure's on, the stakes are high, and the interviewer is watching you like a hawk. But according to security ...