CrowdStrike 2026 Financial Threat Report: Trends in Identity Exploitation
Analysis of the CrowdStrike 2026 Financial Services Threat Landscape Report, focusing on identity-based attacks, cloud risks, and adversary TTPs.
DPRK IT Worker Laptop Farms: U.S. Nationals Sentenced for Fraud
Two U.S. residents sentenced for operating laptop farms that enabled North Korean IT workers to defraud Fortune 500 companies using stolen identities.
North Korean Social Engineering Targets Node.js Maintainers
North Korean threat actors use social engineering and malicious npm packages to target high-profile Node.js maintainers in a sophisticated supply chain campaign.
Axios npm Hijack Attempt: Detecting Social Engineering Tactics
North Korean threat actors targeted an Axios maintainer with a fake Microsoft Teams fix, highlighting critical risks to open-source supply chains.

WaterPlum Abuses VS Code Tasks to Deploy StoatWaffle Malware
North Korean threat actor WaterPlum leverages VS Code tasks.json to automate StoatWaffle malware deployment during fraudulent developer recruitment campaigns.
TfL Data Breach and Avira Security Flaws: Weekly Threat Briefing
Analysis of the Transport for London breach affecting 10 million users, Avira antivirus security flaws, and North Korean cyber actor attribution.
Lazarus Group Targets U.S. Healthcare with Medusa Ransomware
North Korean Lazarus Group is targeting U.S. healthcare providers with Medusa ransomware, utilizing Dtrack malware for initial access and persistence.