Advertisement
North Korean Sapphire Sleet Compromises 140+ Mastra AI npm Packages
Microsoft attributes the Mastra AI supply chain attack to Sapphire Sleet (BlueNoroff), involving 140+ malicious npm packages targeting AI developers.

Chinese and North Korean APT Activity Surges Across APAC Markets
Chinese and North Korean threat groups are intensifying operations in Asia-Pacific, impacting regional economies and targeting financial institutions for profit.
CVE-2024-21338: Microsoft Defender Zero-Day Exploited by Lazarus
Microsoft patches two zero-day vulnerabilities in Defender and SmartScreen exploited by Lazarus Group for privilege escalation and malware delivery.

North Korea Dominates Crypto Heists: 76% of Stolen Funds by 2026
North Korean threat actors are projected to be responsible for 76% of all cryptocurrency stolen by 2026, utilizing sophisticated methods for large-scale heists.
Redtail Malware Exploiting CVE-2024-3400: Technical Analysis
Analysis of the Libredtail variant exploiting Palo Alto Networks CVE-2024-3400 to deploy crypto-miners and establish rootkit persistence.

AI-Generated npm Supply Chain Attack: DPRK Exploits Claude Opus
North Korean actors leverage LLMs like Claude Opus to insert malicious npm packages into developer workflows, leading to RCE and data theft via @validate-sdk/v2.

BlueNoroff Exploits Fake Zoom Meetings to Deploy macOS Malware
BlueNoroff leverages AI avatars and stolen video to compromise crypto executives via fake Zoom calls and the Hidden Risk macOS malware family.

Lazarus Group's $2B+ Crypto Theft: Defending Against Supply Chain Attacks
An analysis of Lazarus Group's persistent and financially motivated cyber operations, highlighting over $2B in crypto theft and critical supply chain attack risks.

DPRK's 'Contagious Interview' Spreads RATs via Dev Repositories
DPRK threat actors are employing a 'contagious interview' scam, weaponizing compromised developer repositories to propagate RATs and malware across the software supply

North Korean Hackers Distribute 1,700 Malicious Packages via npm and PyPI
North Korean threat actors expand the Contagious Interview campaign, deploying 1,700 malicious packages across npm, PyPI, Go, and Rust ecosystems.

DPRK Hackers Abuse GitHub Infrastructure for C2 in South Korea
North Korean state-sponsored actors are leveraging GitHub as a command-and-control platform in complex multi-stage attacks targeting South Korean organizations.
Stardust Chollima Compromises Axios npm Package
Technical analysis of the Stardust Chollima supply chain attack targeting the Axios npm package to exfiltrate developer credentials and data.