A North Korean hacking group is hijacking the job hunt by hiding malware in fake technical assessments, infecting developers and spreading malicious code across the global software supply chain.
#North Korean hackers | #malware outbreak | #software development
North Korea’s HexagonalRodent cell, part of the notorious Lazarus group, is using fake coding challenges and AI-powered malware to compromise thousands of developer systems and steal millions in cryptocurrency.
Microsoft has uncovered a North Korean cyber operation, Jasper Sleet, that infiltrates companies by posing as IT hires, using AI-generated identities and advanced abuse of HR platforms.
North Korean threat actors are tricking macOS users with fake job offers and malicious AppleScript updates. Microsoft’s investigation reveals how Sapphire Sleet bypasses Apple’s security controls using social engineering, credential harvesting, and multi-stage malware.
#North Korean hackers | #social engineering | #macOS security
A new North Korean cyber campaign targets macOS users with a fake Zoom SDK update, using social engineering to bypass Apple security and steal credentials, crypto assets, and sensitive data. Microsoft and Apple have issued updates, but user vigilance is now the last line of defense.
#North Korean hackers | #social engineering | #macOS security
A North Korean-linked supply chain attack on the popular Axios library forced OpenAI to revoke its macOS app certificate. This incident highlights the growing risks lurking in trusted open-source software and pushes the tech world to rethink how it secures its digital pipelines.
North Korean cybercriminals are leveraging fake Zoom and Teams meetings to infiltrate cryptocurrency and open-source communities. By masquerading as trusted contacts and using real business tools, they deliver malware with minimal user interaction—threatening both digital assets and the software supply chain.
A sweeping North Korean cyber campaign has planted over 1,700 malicious packages across npm, PyPI, Go, Rust, and PHP, targeting developers with stealthy malware. The Contagious Interview operation marks a new escalation in supply chain threats, blending technical cunning with social engineering to compromise software at its source.
#North Korean hackers | #open-source attack | #cyber-espionage
A deep dive into the Axios cyberattack: North Korean hackers used a fake Slack to infiltrate open-source software, exposing the risks of trust and collaboration in today’s tech landscape.
North Korean hackers have launched advanced multi-stage attacks on South Korea, using GitHub as a covert command center while leveraging legitimate Windows tools for stealth and persistence. This new wave of cybercrime blends seamlessly with everyday internet traffic, making detection increasingly difficult.
#North Korean hackers | #GitHub exploitation | #cyber attacks