Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks.
GitHub

Bulk security settings (SPF, DMARC, DKIM) check for the domains in a list

Go to the RESTful API page of MxToolbox (https://mxtoolbox.com/User/Api/Lookup.aspx), find the API key (var apiKey = ...) and copy it into the code (line 8). Run the ...