Skip to main content

Tag: north korea

156 articles

Abandoned kelp forest with tangled seaweed and a cracked laptop emitting a faint glow amidst scattered coins.

Lazarus Group Targets KelpDAO in $290m Crypto Heist

In a shocking crypto heist, North Korea's notorious Lazarus Group is accused of swiping $290 million from KelpDAO, raising questions about accountability in the digital age. This brazen theft is a stark reminder of the threats lurking in the shadows of the cryptocurrency world.

Analyst 207
Shadowy figure in hoodie surrounded by cryptic symbols and a dead plant, with a laptop glow, set against a dusk cityscape.

Lazarus Hackers Orchestrate $290 Million KelpDAO Heist

In a shocking turn of events, the Lazarus hackers struck again, making off with a staggering $290 million from the KelpDAO decentralized finance project in a single weekend heist. But who benefits from this massive theft, and who's left to deal with the devastating aftermath?

Analyst 207
Person in handcuffs stands amidst broken tech devices with ominous cityscape and subtle North Korea map in background.

US Nationals Sentenced for Aiding North Korea's Tech Worker Scam

Two US nationals have been sentenced for their role in a brazen scam that helped North Korean operatives land jobs at over 100 American companies by creating shell companies and fake laptop farms. This shocking case exposes the surprising ease with which the duo was able to facilitate a transnational labor operation.

Analyst 207
Person sitting in dimly lit room with laptop and smartphone, faces obscured by shadows and fake login page.

North Korea Exploits Social Engineering to Target macOS Users

Beware of a sneaky new scam where North Korean hackers trick macOS users into handing over their credentials and cryptocurrency by posing as a fake Zoom update. They're using social engineering to get you to do the work for them, making it a low-cost but hard-to-stop threat.

Analyst 207
Severed laptop cord wrapped around a globe with scattered papers and a smartphone near a cracked windowpane overlooking a…

US Seizes Control of North Korea's Fake Remote Worker Scam Network

Imagine a network of seemingly ordinary remote workers secretly infiltrating over 100 companies - only to discover they were all part of a massive scam run by North Korea. Two Americans have been jailed for helping the rogue nation pull off this daring cyber deception.

Analyst 207
Handcuffed individuals surrounded by computer screens and cables with a shadowy North Korea map looming in the background.

US Pair Sentenced for Aiding North Korea in $5 Million IT Worker Scam

Two Americans have been sentenced to a combined 200 months in prison for their role in a four-year scam that funneled roughly $5 million to North Korea by targeting Fortune 500 companies and a US defense contractor with fraudulent IT worker schemes. The shocking case reveals how these individuals became unwitting accomplices to a foreign regime's lucrative deception.

Analyst 207
Handcuffs wrapped around a laptop with a globe in the background and a cracked smartphone nearby.

US Nationals Jailed for Aiding DPRK IT Workers in Large-Scale Fraud Scheme

Two US nationals have been jailed for helping North Korean IT workers impersonate American residents and land remote jobs at over 100 companies, including many Fortune 500 firms, in a massive fraud scheme that raises serious questions about remote hiring practices. This brazen case exposes vulnerabilities in verifying remote workers' identities and locations.

Analyst 207
Cracked smartphone surrounded by screens displaying distorted code with a looming figure in a dimly lit cityscape at dusk.

APT37 Exploits Facebook for RokRAT Malware Delivery

North Korean hackers APT37 have cleverly turned Facebook friend requests into a sneaky way to deliver RokRAT malware, exploiting our natural tendency to trust social connections. By accepting a friend request, victims unwittingly open the door to a remote access trojan that can compromise their device.

Analyst 207
Person in a hoodie with obscured face sits in front of laptop displaying cityscape, surrounded by network-like lines and…

Mandiant Report Reveals Evolving Cyber Threat Tactics

Discover the alarming evolution of cyber threats in Mandiant's M-Trends 2026 report, which reveals a stark reality: attackers are now operating under two distinct playbooks, drastically changing the detection, response, and risk landscape. The report uncovers a significant increase in global median dwell time to 14 days, with some attacks lingering for as long as 122 days.

Analyst 207
Shadowy figure lurks near laptop with tangled wires and broken padlock, amidst eerie city glow.

North Korea-linked actor compromises axios NPM package

A shocking discovery by Google Threat Intelligence Group has exposed a vulnerability in the popular axios NPM package, which has over 100 million weekly downloads, and has raised urgent questions about the trustworthiness of software supply chains. A malicious dependency was secretly introduced into axios releases, putting countless applications at risk.

Analyst 207
Axios Library Compromised in North Korea-Linked Supply Chain Attack

Axios Library Compromised in North Korea-Linked Supply Chain Attack

A widely-used JavaScript library, Axios, has been compromised in a supply-chain attack linked to North Korea, allowing attackers to secretly inject malicious code into millions of applications and systems. This sneaky move has sent shockwaves through the open-source software community, highlighting the vulnerability of even the most trusted code.

Analyst 207
Google Links Axios npm Breach to North Korea's UNC1069 Group

Google Links Axios npm Breach to North Korea's UNC1069 Group

Google's threat intelligence team has linked a recent breach of the Axios npm package to UNC1069, a North Korean hacking group motivated by financial gain. This alarming discovery highlights the vulnerability of the software supply chain to state-linked cybercrime.

Analyst 207
North Korea’s APT37 Exclusive: Dangerous Tool Hits Air-Gap

North Korea’s APT37 Exclusive: Dangerous Tool Hits Air-Gap

Think the most isolated machines are untouchable? North Korea’s APT37 has broadened its toolkit — combining believable lures with new utilities that can defeat air‑gap protections and put highly sensitive systems at fresh risk.

Analyst 207
North Korean Lazarus Group Exclusive: Dangerous Medusa Surge

North Korean Lazarus Group Exclusive: Dangerous Medusa Surge

When hospitals open their doors, their networks shouldnt open to extortion — but a surge in Medusa ransomware tied to North Koreas Lazarus Group is forcing technologists, health‑care leaders and policymakers to decide how to lock them. These attacks — a blend of state‑grade tools and criminal tactics — risk disrupted care, delayed diagnoses and real harm to patients.

Analyst 207
Lazarus Group Exclusive Medusa Strikes Critical Healthcare

Lazarus Group Exclusive Medusa Strikes Critical Healthcare

Get the inside story on how the Lazarus Group’s Medusa strike rocked critical healthcare—and what it means for patients, providers, and the future of cyber defenses.

Analyst 207
Konni Hackers Exclusive AI PS Backdoor Dangerous to Devs

Konni Hackers Exclusive AI PS Backdoor Dangerous to Devs

Konni hackers are now using AI to craft convincing developer‑facing PowerShell backdoors that can turn a single compromised laptop into a supply‑chain catastrophe—if you work on builds or CI, now’s the time to harden systems with hardware MFA, reproducible builds, and artifact signing.

Analyst 207
QR codes Exclusive Threat: Pyongyang’s Dangerous Phishing

QR codes Exclusive Threat: Pyongyang’s Dangerous Phishing

Think twice before you scan: the FBI warns North Korean hackers are using QR-based quishing to turn innocent-looking codes into multi-step traps that steal cloud credentials and bypass enterprise defenses.

Analyst 207
QR codes Stunning Pyongyang Phishing Threat

QR codes Stunning Pyongyang Phishing Threat

QR codes have gone from handy shortcuts to attack vectors—North Korean actors are using QR-based phishing to steal cloud credentials by hiding multi-step payloads inside seemingly legitimate scans. The real question now isnt whether to scan, but how to verify what the square tells you.

Analyst 207
US: Exclusive Five Plead Guilty in Damaging NK IT Fraud

US: Exclusive Five Plead Guilty in Damaging NK IT Fraud

Five people in the U.S. pleaded guilty this year to helping North Korean hackers secure remote IT jobs with American companies — a wake-up call that remote hiring can be manipulated to mask origins, launder pay, and funnel talent and cash back to Pyongyang.

Analyst 207
North Korean Hackers Exclusive: Dangerous JSON Channels

North Korean Hackers Exclusive: Dangerous JSON Channels

What if your next dependency quietly pulled a malicious payload from an innocent-looking JSON? North Korean-linked actors are exploiting public JSON storage services like JSON Keeper, JSONsilo, and npoint.io to seed stealthy backdoors into developer supply chains and swap payloads on the fly to evade detection.

Analyst 207
Android Devices Exclusive: KONNI APT Critical Alert

Android Devices Exclusive: KONNI APT Critical Alert

Imagine the smart display on your counter becoming the remote trigger that erases the phone in your pocket — researchers warn a North Korean-linked group called KONNI is abusing Google’s Find My Device and device-management features to remotely wipe Android devices. This tactic can destroy data, break two‑factor access and cripple businesses, a stark reminder that everyday conveniences can be weaponized for sabotage.

Analyst 207
Lazarus Group Exclusive: Critical Threat to Europe’s Defense

Lazarus Group Exclusive: Critical Threat to Europe’s Defense

Who’s stealing Europe’s drone blueprints — and why? Investigators now point to North Korea’s Lazarus Group and Operation DreamJob, a stealthy campaign targeting small defense firms to grab design files, accelerate domestic drone programs, and probe weaknesses in Europe’s nascent “drone wall.”

Analyst 207
Hooded figure in shadows stands before dimly lit European map, laptop screen glowing with cryptic image amidst broken…

Lazarus Group Exclusive: Stunning Threat to EU Defense

Europe’s drone industry is being stalked by North Korea’s Lazarus Group, which used fake recruitment DreamJob lures to slip malware into engineers’ inboxes and siphon designs, test data and R&D secrets. The campaign shows how porous modern research networks are—and how cyber espionage can become a direct, strategic threat to EU defence and supply‑chain security.

Analyst 207
Lazarus Group Exclusive: Dire Threat to European Defense

Lazarus Group Exclusive: Dire Threat to European Defense

Who watches the watchers? Researchers say North Korea’s Lazarus Group—behind Operation “DreamJob”—has quietly infiltrated European drone and counter‑UAS R&D to steal designs, credentials and test data, putting the continent’s push for a layered “drone wall” at real risk of espionage, sabotage and costly setbacks.

Analyst 207