CVE-2024-21338: Microsoft Defender Zero-Day Exploited by Lazarus
Microsoft patches two zero-day vulnerabilities in Defender and SmartScreen exploited by Lazarus Group for privilege escalation and malware delivery.

North Korea Dominates Crypto Heists: 76% of Stolen Funds by 2026
North Korean threat actors are projected to be responsible for 76% of all cryptocurrency stolen by 2026, utilizing sophisticated methods for large-scale heists.

Redtail Malware Exploiting CVE-2024-3400: Technical Analysis
Analysis of the Libredtail variant exploiting Palo Alto Networks CVE-2024-3400 to deploy crypto-miners and establish rootkit persistence.

AI-Generated npm Supply Chain Attack: DPRK Exploits Claude Opus
North Korean actors leverage LLMs like Claude Opus to insert malicious npm packages into developer workflows, leading to RCE and data theft via @validate-sdk/v2.

BlueNoroff Exploits Fake Zoom Meetings to Deploy macOS Malware
BlueNoroff leverages AI avatars and stolen video to compromise crypto executives via fake Zoom calls and the Hidden Risk macOS malware family.

Lazarus Group's $2B+ Crypto Theft: Defending Against Supply Chain Attacks
An analysis of Lazarus Group's persistent and financially motivated cyber operations, highlighting over $2B in crypto theft and critical supply chain attack risks.

DPRK's 'Contagious Interview' Spreads RATs via Dev Repositories
DPRK threat actors are employing a 'contagious interview' scam, weaponizing compromised developer repositories to propagate RATs and malware across the software supply

North Korean Hackers Distribute 1,700 Malicious Packages via npm and PyPI
North Korean threat actors expand the Contagious Interview campaign, deploying 1,700 malicious packages across npm, PyPI, Go, and Rust ecosystems.

DPRK Hackers Abuse GitHub Infrastructure for C2 in South Korea
North Korean state-sponsored actors are leveraging GitHub as a command-and-control platform in complex multi-stage attacks targeting South Korean organizations.

Stardust Chollima Compromises Axios npm Package
Technical analysis of the Stardust Chollima supply chain attack targeting the Axios npm package to exfiltrate developer credentials and data.

Bitrefill Attributes Cyberattack to North Korean Lazarus Group
Bitrefill identifies North Korean Lazarus Group as the perpetrator of a recent cyberattack, underscoring the persistent threat to crypto-focused businesses.

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs
US Treasury sanctions North Korea's IT worker network used to fund WMD programs. Learn how these actors use fake identities and how to secure remote hiring.