Social-Engineering
JINX-0164: Fake Recruiters, a macOS RAT, and a Pivot Into Code Distribution Pipelines
Wiz details JINX-0164, a financially motivated actor that uses LinkedIn recruiter lures to drop the AUDIOFIX macOS RAT, then moves from developer laptops into code distribution and CI/CD infrastructure.
MuddyWater Wears Chaos Ransomware as a Disguise — Teams Screen-Sharing Funnels Iranian Espionage Through Fake Extortion
Rapid7 attributes a Chaos-branded ransomware intrusion to Iran's MuddyWater. No files were ever encrypted — the ransom note was cover for Stagecomp/Darkcomp espionage delivered via Microsoft Teams screen-share.
$285M Gone in 12 Minutes: DPRK-Linked Attackers Weaponize Solana Durable Nonces to Gut Drift Protocol
North Korean threat actors drained $285M from Solana's largest perpetual futures exchange by weaponizing durable nonces, fabricating a fake token, and socially engineering governance multisig signers.