threat actor

5 articles

social engineering, threat actor, developer security, macOS, supply chain

That Recruiter in Your DMs Is Installing Malware on Your Mac

A threat actor called JINX-0164 is posing as recruiters to trick developers into running malware that steals credentials, crypto wallets, and SSH keys. If your company employs developers, this is your problem.

May 26, 2026
cloud, threat actor, credential theft, small business

One Threat Actor Is Looting Every Cloud Provider at the Same Time

A single threat actor called JINX-0163 is systematically harvesting credentials across AWS, Azure, GCP, Okta, and SaaS platforms. If you use any cloud service, you're in the blast radius.

May 14, 2026
threat actor, cloud, infrastructure, Docker, Kubernetes, small business

TeamTNT Is Scanning for Your Cloud Right Now

They've been hijacking Docker containers, Kubernetes clusters, and cloud credentials since 2019. If you run anything in the cloud -- and you almost certainly do -- TeamTNT is looking for the door you left open.

May 11, 2026
threat actor, nation-state, phishing, Living off the Land

MuddyWater Is an Iranian Government Hacking Unit. Their Playbook Is Already Being Used Against You.

MuddyWater is a state-sponsored APT run by Iran's intelligence ministry. Their techniques — phishing from compromised accounts, abusing legitimate admin tools — are now standard criminal playbook. Here's what they do and how to defend against it.

May 7, 2026
threat actor, social engineering, phishing, vishing

Scattered Spider Called Your Help Desk. Your Employee Let Them In.

The most dangerous hacking group in America doesn't write exploits. They pick up the phone and ask for access. And your team is giving it to them.

May 4, 2026