
Damaged Goods: When your new hire is already compromised
From Cyberside Chats: Cybersecurity Insights from the Experts by Chatcyberside
June 9, 2026 · 15 min · Episode 76
About this episode
This episode discusses a new attacker technique where threat actors pose as recruiters to infect candidates' machines with malware.
In this eye-opening episode of Cyberside Chats, Sherri Davidoff sits down with Tom Pohl, Director of Penetration Testing at LMG Security, to unpack a chilling new attacker technique: threat actors posing as recruiters, conducting real interviews, and delivering malicious coding challenges that infect candidates’ personal machines. What looks like a legitimate take-home coding test is actually malware that steals passwords, browser credentials, crypto wallets, SSH keys, and more, all before the candidate ever steps foot in your organization. Tom shares how he discovered this campaign through a friend’s suspicious Bitbucket repo, walks through the malware’s behavior, and reveals real-time insights from probing the attackers’ command-and-control infrastructure. This isn’t just a problem for job seekers, it’s a direct threat to your human supply chain. Compromised developers can bring stolen credentials, GitHub access, and persistent footholds straight into your environment. Key Takeaways: 1. Go passwordless where possible or enforce unique passwords everywhere. 2. Require phishing-resistant MFA (and passkeys/hardware tokens) — ditch SMS. 3. Audit your passwords against known breach…
People in this episode
Host: Sherri Davidoff
Guest: Tom Pohl
Topics covered
- cybersecurity
- malware
- recruitment
- threat actors
- human supply chain
Keywords
- malware
- cybersecurity
- recruitment
- threat actors
- passwords
- MFA
- human supply chain
Mentioned in this episode
Organizations: LMG Security, Bitbucket
More episodes of Cyberside Chats: Cybersecurity Insights from the Experts
- The CRM Goldmine: Inside the Salesforce Breach Wave · June 2, 2026 · 17 min
- Shadow Agents: When Your AI Workforce Has No Boss · May 26, 2026 · 29 min
- Better Than Google, Still Risky: The OpenEvidence Story · May 19, 2026 · 15 min
- Finals Week Fallout: The Canvas Hack That Shook Education · May 12, 2026 · 11 min
- 9 Seconds to Zero: Misbehaving AI · May 5, 2026 · 17 min
- Security Debt: The Risk Nobody is Reporting · April 28, 2026 · 29 min
Explore listener stats, chart rankings, contacts and more on the Cyberside Chats: Cybersecurity Insights from the Experts podcast page.