North Korean hacking group Lazarus has been using a new, more sophisticated malware called LightlessCan in its fake employment scams, according to ESET researchers. The new payload is more difficult to detect than its predecessor, BlindingCan, and mimics a range of native Windows commands, enabling discreet execution. LightlessCan also uses "execution guardrails" to ensure the payload can only be decrypted on the intended victim's machine. The Lazarus Group's scams typically involve tricking victims with a job offer at a well-known firm and enticing them to download a malicious payload disguised as documents.