Contagious Interview is a threat campaign tracked across 27 threat clusters and 32 intelligence report mentions on ThreatCluster. First observed November 17, 2025; most recent activity July 3, 2026.
A cybersecurity incident involved a fake job interview scheme on Wellfound, where an operator named 'Felix' from 'HyperHive' targeted an individual using a social engineering tactic referencing their real CV. The attack…
A sophisticated backdoor malware named Firestarter has been discovered on Cisco Firepower devices, attributed to the state-sponsored threat actor UAT-4356. The malware exploits two vulnerabilities, CVE-2025-20333 and…
The Google Threat Intelligence Group (GTIG) reports that North Korean threat actor UNC5342 has adopted a new technique called EtherHiding to deliver malware and facilitate cryptocurrency theft. This method embeds…
Void Dokkaebi, a North Korean threat actor, has escalated its malware distribution tactics by using fake job interviews to compromise software developers. This campaign, known as the 'Contagious Interview,' targets…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group,…
North Korea-linked hackers have exploited a critical flaw in web applications using a new malware called EtherRAT. This remote access trojan employs Ethereum smart contracts for communication and utilizes multiple Linux…
The North Korea-linked hacking group WaterPlum has launched a new malware strain called StoatWaffle, targeting developers through compromised Visual Studio Code (VSCode) repositories. This malware is part of an ongoing…
Recent reports detail the tactics employed by various cyber adversaries to enumerate files and directories on compromised systems. Adversaries utilize command shell utilities and custom tools to gather sensitive…
North Korean threat actors have initiated a campaign named Contagious Interview, targeting IT professionals in the cryptocurrency, Web3, and AI sectors. The operation involves deploying remote access backdoors and…