The North Korean Lazarus hacking group has released a new macOS malware named ‘KandyKorn’, which targets blockchain engineers at cryptocurrency exchange platforms. The attackers pose as members of the crypto community on Discord channels to distribute malicious Python-based modules that initiate a multi-layered KandyKorn infection. The malware operates discreetly, allowing Lazarus to access and steal data from the infected device. The group primarily focuses on crypto firms for financial gain rather than for information.

New SysUpdate Variant Malware Discovered, Decryption Tool for Linux C2 Traffic Released
A new Linux malware sample strongly aligns with the SysUpdate malware family used by APT27/Iron Tiger. Initially detected on a client’s system, the binary

