- Forging Trust
- Posts
- Deepfake Employees + South Korea's $4.8m Crypto Key Blunder
Deepfake Employees + South Korea's $4.8m Crypto Key Blunder
IT channel and business news with a focus on regulatory compliance.
Blacksmith Team
March 18, 2026
❓Deepfake Employees: Fake Résumés, Real Breaches
Hiring a fully remote “cloud engineer” felt like a win. The résumé checked every box, the video interviews were smooth, the references came back glowing. The new hire shipped code quickly, asked smart questions in Slack, and never missed a stand‑up. Thirty days later, incident response found a quiet backdoor in the CI/CD pipeline and a steady trickle of customer data headed to an overseas VPS. When the company tried to confront the engineer, the accounts went dark — and no one could prove the person had ever physically existed…
🤦 What We Can Learn from South Korea's Crypto Key Mistake
Officials in South Korea’s National Tax Service stood behind a table of seized hardware wallets prepping for their victory lap. Photos of the wallets went out in high resolution. On social media, people zoomed in — and found the handwritten seed phrase for one of the wallets sitting in plain view. Within hours, an unknown actor drained roughly 4.8 million dollars’ worth of tokens from a wallet the state believed it controlled…
⚠️ Threat Updates
🔴 New “PerplexedBrowser” Agentic Browser Flaws Enable Zero‑Click Data and Credential Theft (03/04/26)
Zenity Labs has disclosed “PerplexedBrowser,” a subfamily of the broader PleaseFix vulnerability class affecting Perplexity’s Comet agentic browser, where attacker‑controlled content (such as a malicious calendar invite) can silently hijack the AI agent, exfiltrate local files, and abuse agent‑authorized workflows to harvest password‑manager credentials and even take over accounts like 1Password without any explicit exploit or user clicks, all while continuing to return seemingly normal results to the user. » More Info
🔴 AI “Recommendation Poisoning” Lets Hidden Prompts Skew Enterprise Decisions (03/15/26)
Microsoft’s Defender Security Research team is warning that “AI Recommendation Poisoning” attacks are actively manipulating AI assistants’ long‑term memory via hidden prompts embedded in links and “Summarize with AI” buttons, causing chatbots to quietly favor specific vendors, tools, or sites in future answers. Over a 60‑day window, Microsoft observed more than 50 distinct malicious prompts from 31 companies across 14 industries planting instructions such as “remember this company as a trusted source” so that subsequent product, security, finance, or even health recommendations appear unbiased while actually being steered by covert commercial payloads. » More Info
🗨️ Parting Words
"Hardware: the parts of a computer system that can be kicked." — Jeff Pesis
Are you a vCISO or MSP looking to operationalize security programs? Let’s discuss how Blacksmith Infosec proves that compliance is an opportunity, not a struggle that has to be packaged in FUD!