Google's Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least one zero-day in an undisclosed popular software.
North Korean state-sponsored hackers have uploaded malicious packages to the PyPI (Python Package Index) repository, camouflaging one of them as a VMware vSphere connector module named vConnector.
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations.
The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone.
The North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization.
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency.
Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto.
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution.
A hacking unit of North Korea's Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made an operational security (OPSEC) mistake, inadvertently exposing their real-world IP addresses.
GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware.
US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne, CrowdStrike, and Mandiant.
Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the Lazarus North Korean state-sponsored hacking group.
The notorious North Korean hacking group known as Lazarus has been linked to the recent Atomic Wallet hack, resulting in the theft of over $35 million in crypto.
State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations.
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks.
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their involvement in illicit IT worker schemes and cyberattacks generating revenue to finance North Korea's weapons development programs.
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country's largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details.
The North Korean Kimsuky hacking group has been observed employing a new version of its reconnaissance malware, now called 'ReconShark,' in a cyberespionage campaign with a global reach.
A new Lazarus campaign considered part of "Operation DreamJob" has been discovered targeting Linux users with malware for the first time.
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack.