Scammers are targeting job seekers with a phishing campaign that installs a cryptominer onto victims’ devices. Victims receive a fraudulent email from fake recruiters suggesting they schedule a job interview. However, the supplied link redirects to a malicious website, causing a download of a ‘CRM application’, which is actually a Windows executable written in Rust. On execution, it downloads the XMRig cryptominer, hijacking the computer’s resources affecting performance, and potentially causing hardware damage.

Sonatype reports rise in open source malware to 17,954
The 1Q 2025 Open Source Malware Index from Sonatype revealed that open source malware packages doubled compared to the same period last year, with 56%