Tag: north korea
156 articles

Lazarus Group Targets KelpDAO in $290m Crypto Heist
In a shocking crypto heist, North Korea's notorious Lazarus Group is accused of swiping $290 million from KelpDAO, raising questions about accountability in the digital age. This brazen theft is a stark reminder of the threats lurking in the shadows of the cryptocurrency world.

Lazarus Hackers Orchestrate $290 Million KelpDAO Heist
In a shocking turn of events, the Lazarus hackers struck again, making off with a staggering $290 million from the KelpDAO decentralized finance project in a single weekend heist. But who benefits from this massive theft, and who's left to deal with the devastating aftermath?

US Nationals Sentenced for Aiding North Korea's Tech Worker Scam
Two US nationals have been sentenced for their role in a brazen scam that helped North Korean operatives land jobs at over 100 American companies by creating shell companies and fake laptop farms. This shocking case exposes the surprising ease with which the duo was able to facilitate a transnational labor operation.

North Korea Exploits Social Engineering to Target macOS Users
Beware of a sneaky new scam where North Korean hackers trick macOS users into handing over their credentials and cryptocurrency by posing as a fake Zoom update. They're using social engineering to get you to do the work for them, making it a low-cost but hard-to-stop threat.

US Seizes Control of North Korea's Fake Remote Worker Scam Network
Imagine a network of seemingly ordinary remote workers secretly infiltrating over 100 companies - only to discover they were all part of a massive scam run by North Korea. Two Americans have been jailed for helping the rogue nation pull off this daring cyber deception.

US Pair Sentenced for Aiding North Korea in $5 Million IT Worker Scam
Two Americans have been sentenced to a combined 200 months in prison for their role in a four-year scam that funneled roughly $5 million to North Korea by targeting Fortune 500 companies and a US defense contractor with fraudulent IT worker schemes. The shocking case reveals how these individuals became unwitting accomplices to a foreign regime's lucrative deception.

US Nationals Jailed for Aiding DPRK IT Workers in Large-Scale Fraud Scheme
Two US nationals have been jailed for helping North Korean IT workers impersonate American residents and land remote jobs at over 100 companies, including many Fortune 500 firms, in a massive fraud scheme that raises serious questions about remote hiring practices. This brazen case exposes vulnerabilities in verifying remote workers' identities and locations.

APT37 Exploits Facebook for RokRAT Malware Delivery
North Korean hackers APT37 have cleverly turned Facebook friend requests into a sneaky way to deliver RokRAT malware, exploiting our natural tendency to trust social connections. By accepting a friend request, victims unwittingly open the door to a remote access trojan that can compromise their device.

Mandiant Report Reveals Evolving Cyber Threat Tactics
Discover the alarming evolution of cyber threats in Mandiant's M-Trends 2026 report, which reveals a stark reality: attackers are now operating under two distinct playbooks, drastically changing the detection, response, and risk landscape. The report uncovers a significant increase in global median dwell time to 14 days, with some attacks lingering for as long as 122 days.

North Korea-linked actor compromises axios NPM package
A shocking discovery by Google Threat Intelligence Group has exposed a vulnerability in the popular axios NPM package, which has over 100 million weekly downloads, and has raised urgent questions about the trustworthiness of software supply chains. A malicious dependency was secretly introduced into axios releases, putting countless applications at risk.

Axios Library Compromised in North Korea-Linked Supply Chain Attack
A widely-used JavaScript library, Axios, has been compromised in a supply-chain attack linked to North Korea, allowing attackers to secretly inject malicious code into millions of applications and systems. This sneaky move has sent shockwaves through the open-source software community, highlighting the vulnerability of even the most trusted code.

Google Links Axios npm Breach to North Korea's UNC1069 Group
Google's threat intelligence team has linked a recent breach of the Axios npm package to UNC1069, a North Korean hacking group motivated by financial gain. This alarming discovery highlights the vulnerability of the software supply chain to state-linked cybercrime.

North Korea’s APT37 Exclusive: Dangerous Tool Hits Air-Gap
Think the most isolated machines are untouchable? North Korea’s APT37 has broadened its toolkit — combining believable lures with new utilities that can defeat air‑gap protections and put highly sensitive systems at fresh risk.

North Korean Lazarus Group Exclusive: Dangerous Medusa Surge
When hospitals open their doors, their networks shouldnt open to extortion — but a surge in Medusa ransomware tied to North Koreas Lazarus Group is forcing technologists, health‑care leaders and policymakers to decide how to lock them. These attacks — a blend of state‑grade tools and criminal tactics — risk disrupted care, delayed diagnoses and real harm to patients.

Lazarus Group Exclusive Medusa Strikes Critical Healthcare
Get the inside story on how the Lazarus Group’s Medusa strike rocked critical healthcare—and what it means for patients, providers, and the future of cyber defenses.

Konni Hackers Exclusive AI PS Backdoor Dangerous to Devs
Konni hackers are now using AI to craft convincing developer‑facing PowerShell backdoors that can turn a single compromised laptop into a supply‑chain catastrophe—if you work on builds or CI, now’s the time to harden systems with hardware MFA, reproducible builds, and artifact signing.

QR codes Exclusive Threat: Pyongyang’s Dangerous Phishing
Think twice before you scan: the FBI warns North Korean hackers are using QR-based quishing to turn innocent-looking codes into multi-step traps that steal cloud credentials and bypass enterprise defenses.

QR codes Stunning Pyongyang Phishing Threat
QR codes have gone from handy shortcuts to attack vectors—North Korean actors are using QR-based phishing to steal cloud credentials by hiding multi-step payloads inside seemingly legitimate scans. The real question now isnt whether to scan, but how to verify what the square tells you.

US: Exclusive Five Plead Guilty in Damaging NK IT Fraud
Five people in the U.S. pleaded guilty this year to helping North Korean hackers secure remote IT jobs with American companies — a wake-up call that remote hiring can be manipulated to mask origins, launder pay, and funnel talent and cash back to Pyongyang.

North Korean Hackers Exclusive: Dangerous JSON Channels
What if your next dependency quietly pulled a malicious payload from an innocent-looking JSON? North Korean-linked actors are exploiting public JSON storage services like JSON Keeper, JSONsilo, and npoint.io to seed stealthy backdoors into developer supply chains and swap payloads on the fly to evade detection.

Android Devices Exclusive: KONNI APT Critical Alert
Imagine the smart display on your counter becoming the remote trigger that erases the phone in your pocket — researchers warn a North Korean-linked group called KONNI is abusing Google’s Find My Device and device-management features to remotely wipe Android devices. This tactic can destroy data, break two‑factor access and cripple businesses, a stark reminder that everyday conveniences can be weaponized for sabotage.

Lazarus Group Exclusive: Critical Threat to Europe’s Defense
Who’s stealing Europe’s drone blueprints — and why? Investigators now point to North Korea’s Lazarus Group and Operation DreamJob, a stealthy campaign targeting small defense firms to grab design files, accelerate domestic drone programs, and probe weaknesses in Europe’s nascent “drone wall.”

Lazarus Group Exclusive: Stunning Threat to EU Defense
Europe’s drone industry is being stalked by North Korea’s Lazarus Group, which used fake recruitment DreamJob lures to slip malware into engineers’ inboxes and siphon designs, test data and R&D secrets. The campaign shows how porous modern research networks are—and how cyber espionage can become a direct, strategic threat to EU defence and supply‑chain security.

Lazarus Group Exclusive: Dire Threat to European Defense
Who watches the watchers? Researchers say North Korea’s Lazarus Group—behind Operation “DreamJob”—has quietly infiltrated European drone and counter‑UAS R&D to steal designs, credentials and test data, putting the continent’s push for a layered “drone wall” at real risk of espionage, sabotage and costly setbacks.