JINX-0164 Targets Crypto Firms via Fake Recruiters and macOS Malware

Colleagues, a cybersecurity alert: a new JINX-0164 campaign is targeting crypto companies using fake recruiters and macOS malware.
Wiz recorded that attackers use convincing LinkedIn profiles, spoofed domains and meeting invites to trick victims into installing a “fix” that runs a script to deploy a Python infostealer and the AUDIOFIX RAT. MiniRAT was also observed spreading via a compromised npm package.
Exfiltrated data includes passwords, SSH keys, wallet data and messenger sessions; there were attempts to pivot into CI/CD and to tamper with code.
Why this matters: the campaign combines targeted social engineering with supply‑chain tactics — a direct threat to developers and infrastructure.
What would you do to protect teams and CI/CD?
#cybersecurity #supplychain #macOS #cryptosecurity


Latest comments
No comments yet.