Mastodawn

Fake recruiter campaign targets crypto developers with RAT

A sophisticated fake recruitment campaign named 'graphalgo' has been active since May 2025, targeting JavaScript and Python developers in the cryptocurrency sector. Attackers approach victims through LinkedIn, Facebook, and Reddit with fabricated job opportunities from fake blockchain companies like Veltrix Capital. The campaign uses malicious dependencies hidden in npm and PyPI packages, delivered through coding test repositories on GitHub. Notable is the bigmathutils package that accumulated over 10,000 downloads before its malicious version was released. The operation deploys a remote access trojan (RAT) with token-protected C2 communication, file manipulation capabilities, and functionality to detect the Metamask browser extension, indicating focus on cryptocurrency theft. The modular campaign design allows threat actors to maintain backend infrastructure while easily replacing compromised frontend elements.

Pulse ID: 69dd073f50edefa3e44adec6
Pulse Link: https://otx.alienvault.com/pulse/69dd073f50edefa3e44adec6
Pulse Author: AlienVault
Created: 2026-04-13 15:09:51

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #Browser #CyberSecurity #Facebook #GitHub #InfoSec #Java #JavaScript #LinkedIn #NPM #OTX #OpenThreatExchange #PyPI #Python #RAT #RemoteAccessTrojan #Trojan #bot #cryptocurrency #developers #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Show thread

Aerofreak | USA WTF?27m ago

@pallenberg

Weiß schon, warum ich dem Laden den Rücken gekehrt habe. Erst der Opt-out aus dem KI-Gedöns und jetzt das.

Datenkrake. LinkedOut.

@info

#Browsergate #Datenschutz #LinkedIn

AA 46m ago

Interesting post, all things considered.

Security Week: BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings https://www.securityweek.com/browsergate-claims-of-linkedin-spying-clash-with-security-research-findings/ @SecurityWeek #Microsoft #LinkedIn #privacy

BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings

BrowserGate: What you need to know - Claims that Microsoft is “running one of the largest corporate espionage operations” ignite debate over LinkedIn’s data collection practices.

SecurityWeek

Hackread.com 50m ago

Watch out, as in an ongoing campaign, BITTER APT is spreading ProSpy and ToSpy spyware via Signal, Google, and Zoom lures to target journalists through LinkedIn and iMessages.

Read: https://hackread.com/bitter-apt-signal-google-zoom-prospy-spyware/

#CyberSecurity #LinkedIn #iMessage #Spyware #BitterAPT

BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware

BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing.

Hackread - Cybersecurity News, Data Breaches, AI and More

DigitalNaiv = Stefan Pfeiffer 2h ago

#BrowserGate - Wir haben es bei #9vor9 und im Blog behandelt. Jetzt kommentiert @pallenberg: "Warum ist diese Geschichte nicht größer? Warum ist BrowserGate nicht längst ein Thema, das in jeder Debatte ueber #Microsoft, #LinkedIn, Plattformregulierung und digitale Souveränität mitläuft?
Möglicherweise, weil LinkedIn noch immer mit einem Imagebonus unterwegs ist, den andere Plattformen längst verspielt haben. LinkedIn gilt vielen als das “serioese” soziale Netzwerk." https://www.metacheles.de/browsergate-so-scannt-linkedin-offenbar-euren-rechner/

BrowserGate: So scannt LinkedIn offenbar euren Rechner

LinkedIn praesentiert sich als serioeses Business-Netzwerk … doch der Vorwurf hinter BrowserGate ist heftig! Waehrend ihr vermeintlich nur durch euren Feed scrollt, soll im Hintergrund euer Rechner auf installierte Programme und Browser-Erweiterungen gescannt werden … heimlich, ohne Einwilligung und ohne echte Transparenz. Sollte sich das bestaetigen, reden wir nicht ueber einen peinlichen

MeTacheles

Biblioteques de la UPC 2h ago

Adéu, Bluesky! 👋 Les Biblioteques de la @[email protected] ens acomiadem d'aquest canal. A partir d'ara, ens trobareu a #LinkedIn, on compartirem més contingut i tota l'actualitat. Gràcies per haver-nos acompanyat! ✨ Vine a saludar-nos a www.linkedin.com/company/bibl... #BibliotequesUPC

TheBadPlace 3h ago

All Content from Business Insider | Companies don't want your résumé. You'll have to show up instead. by Steve Russolillo

Getty Images; Tyler Le/BI

This post originally appeared in the BI Today newsletter.You can sign up for Business Insider's daily newsletter here.Rethinking résuméIt's wild to me to think the résumé might actually be dead.

About a decade ago, I taught a business communications course to MBA students. One aspect of it was résumé writing. I'd share tips for crafting a standout résumé, then have students workshop each other's drafts in small groups, pushing for sharper, more distinctive, and memorable copy.

Read the original article on Business Insider

#careers #newsletter #businessinsider #linkedin

Companies don't want your résumé. You'll have to show up instead.

In this Sunday edition of Business Insider Today, we're talking about the death of the résumé and what comes next.

Business Insider

Dag 4h ago

#LinkedIn caught red handed with massive #fingerprinting of it's users https://browsergate.eu/what-is-browsergate/
#privacy

Introduction - What is BrowserGate?

Linkedin is searching your computer Every time you visit linkedin.com, a JavaScript program embedded in the page scans your browser for installed Chrome extensions. The program runs silently, without any visible indicator to the user. It does not ask for consent. It does not disclose what it is doing. It reports the results to LinkedIn’s servers. This is not a one-time check. The scan runs on every page load, for every visitor.

BrowserGate