North Korean attackers are using LinkedIn to target developers in a fake job recruitment operation that delivers malware, Google’s Mandiant reports. The operation sends a Python coding challenge containing COVERTCATCH malware, with the aim of compromising a target’s macOS system. Similar operations have been observed delivering other malware families, including RustBucket and KANDYKORN.

Hackers are selling counterfeit phones with crypto-stealing malware
Kaspersky has identified thousands of low-cost Android smartphones sold online that come with preinstalled malware programmed to steal cryptocurrency details. The devices are infected with