North Korean hacking group Slow Pisces is using malicious coding challenges on LinkedIn to target cryptocurrency project developers, according to cybersecurity researchers at Unit 42. By posing as job recruiters, the group sends unsuspecting victims malicious payloads via GitHub repositories. The operation’s success hints at the continued risk and prompting a call for a strict separation between corporate and personal devices.
Oracle Cloud leak leads CISA to issue warning about credential risks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on mitigating credential risks following a potential compromise of a legacy Oracle cloud environment. The
