North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- South Korea’s KT admits data breach
September 11, 2025
KT Corp has become the second South Korean mobile operator this year to report a cybersecurity breach to the country’s data protection authorities, with the operator confirming on Thursday that 5,561 customers may have had their subscriber data stolen by hackers. While the reported breach is nowhere near the magnitude of SK Telecom’s disastrous data breach, ...
- Attacker steals customer data from UK rail operator LNER during break-in at supplier
September 11, 2025
One of the UK’s largest rail operators, LNER, is the latest organization to spill user data via a third-party data breach.… It confirmed the incident on Wednesday, saying customer contact details and “some information about previous journeys” was accessed at a third-party supplier. London North Eastern Railway (LNER) did not name the third party responsible for ...
- France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks
September 11, 2025
French regional healthcare agencies have been targeted by cyber-attacks compromising the personal data of patients across the country. On September 8, the regional healthcare agencies (ARS) for three regions, Hauts-de-France (Upper France), Normandy and Pays de la Loire (Lower Loire), issued security alerts warning about recent cyber-attacks carried out against the servers hosting the identity ...
- AdaptixC2: A New Open-Source Framework Leveraged in Real-World Attacks
September 10, 2025
In early May 2025, Unit 42 researchers observed that AdaptixC2 was used to infect several systems. AdaptixC2 is a recently identified, open-source post-exploitation and adversarial emulation framework made for penetration testers that threat actors are using in campaigns. Unlike many well-known C2 frameworks, AdaptixC2 has remained largely under the radar. There is limited public documentation available ...
- Patch Tuesday – September 2025
September 10, 2025
Microsoft is addressing 176 vulnerabilities today, which seems like a lot, and it is. Curiously, Microsoft’s own Security Update Guide (SUG) for September 2025 Patch Tuesday only lists 86 vulns, and that’s because the SUG doesn’t include a large number of open source software (OSS) fixes published today as part of updates for Azure Linux ...
- All Plex users should reset passwords in wake of data breach
September 10, 2025
Popular media server and streaming platform, Plex, warned its users about losing their sensitive data in a cyberattack, and urged them to update their passwords as a result. In a forum post published on September 8, Plex said it recently experienced a security incident with “limited impact”, when an unauthorized third party accessed a subset of ...