Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
GitHub

dbt Semantic Layer SDK for Python

A library for easily accessing dbt's Semantic Layer via Python. Note that all method calls that will reach out to the APIs need to be within a client.session() context manager. By using a session, the ...
GitHub

Crypto-Panda: Cryptocurrency Analysis & Reporting Tool

🔍 What is Crypto-Panda? Crypto-Panda is a smart, automated reporting tool that tracks the cryptocurrency market, analyzes patterns using both quantitative signals and AI, and emails you a report on ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...