North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Dynowiper: Destructive Malware Targeting Poland’s Energy Sector
February 6, 2026
The coordinated destructive campaign against critical energy infrastructure occurred on December 29, 2025, during a period of severe winter weather in Poland. According to CERT Polska’s report, the campaign targeted: 30+ wind and solar farms across Poland; A major CHP plant supplying heat to nearly half a million customers; A manufacturing sector company characterized as an ...
- Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants
February 6, 2026
The name OpenClaw might not immediately be recognizable, partly because it has undergone several name changes, from Clawdbot to Moltbot, then finally to OpenClaw. Yet one thing is certain: This new digital assistant feels genuinely groundbreaking. It remembers past interactions, keeps data on the user’s device, and adapts to individual preferences, making it feel like a ...
- Asia-based government spies quietly broke into critical networks across 37 countries
February 5, 2026
A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers. In total, the crew compromised at least 70 organizations, and maintained access to several of these for months. “While this group might be pursuing espionage objectives, its methods, targets and scale of ...
- Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
February 5, 2026
Stan Ghouls (also known as Bloody Wolf) is an cybercriminal group that has been launching targeted attacks against organizations in Russia, Kyrgyzstan, Kazakhstan, and Uzbekistan since at least 2023. These attackers primarily have their sights set on the manufacturing, finance, and IT sectors. Their campaigns are meticulously prepared and tailored to specific victims, featuring a signature ...
- Reducing the Attack Surface for End-of-Support Edge Devices
February 5, 2026
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.K.’s National Cyber Security Centre (NCSC) are releasing this fact sheet to urge defensive action against malicious cyber activity by nation-state threat actors. Nation-state threat actors exploit end-of-support (EOS) edge devices—including, but not limited to, load balancers, firewalls, routers, and virtual ...
- Data breach at govtech giant Conduent balloons, affecting millions more Americans
February 5, 2026
A data breach at government technology giant Conduent appears to affect far more people than first disclosed, with the number of victims potentially stretching to dozens of millions of people across the United States. The January 2025 ransomware attack, which knocked out Conduent’s operations for several days, is now known to affect at least 15.4 million ...