Cyber Security News

Hacking Editorial Brief — May 31, 2026

JINX-0164 Deploys Multi-Stage Attack Against Cryptocurrency Organizations

A sophisticated threat actor designated JINX-0164 is conducting targeted operations against cryptocurrency organizations using LinkedIn-based social engineering to gain initial access. The campaign begins with fake recruitment outreach, progresses to custom macOS malware deployment on employee laptops, and culminates in CI/CD pipeline compromise to inject malicious code into software distribution systems. The attack chain demonstrates advanced operational security and infrastructure targeting, moving beyond individual credential theft to compromise the software supply chain itself. The focus on cryptocurrency organizations reflects continued threat actor interest in high-value targets where code signing infrastructure compromise could enable substantial financial theft.

MFA-Bypassing Phishing Kit Targets Microsoft 365 Environments

The FBI has issued warnings about an active phishing campaign using specialized toolkits designed to bypass multi-factor authentication protections on Microsoft 365 accounts. The attack framework intercepts authentication sessions in real-time, defeating MFA implementations that organizations rely on as a primary defense layer. Separately, fake Anthropic websites are delivering fileless infostealers specifically targeting users of Claude Code, demonstrating threat actors' rapid adaptation to emerging AI development tools. Carnival Corporation disclosed a breach affecting nearly 6 million travelers, though specific attack vectors and timeline details remain limited.

Sources: Wiz · SI Live · Hackread · Fox News