A new North Korean cyber campaign targets macOS users with a fake Zoom SDK update, using social engineering to bypass Apple security and steal credentials, crypto assets, and sensitive data. Microsoft and Apple have issued updates, but user vigilance is now the last line of defense.
#North Korean hackers | #social engineering | #macOS security
A North Korean-linked supply chain attack on the popular Axios library forced OpenAI to revoke its macOS app certificate. This incident highlights the growing risks lurking in trusted open-source software and pushes the tech world to rethink how it secures its digital pipelines.
North Korean cybercriminals are leveraging fake Zoom and Teams meetings to infiltrate cryptocurrency and open-source communities. By masquerading as trusted contacts and using real business tools, they deliver malware with minimal user interaction—threatening both digital assets and the software supply chain.
A sweeping North Korean cyber campaign has planted over 1,700 malicious packages across npm, PyPI, Go, Rust, and PHP, targeting developers with stealthy malware. The Contagious Interview operation marks a new escalation in supply chain threats, blending technical cunning with social engineering to compromise software at its source.
#North Korean hackers | #open-source attack | #cyber-espionage
A deep dive into the Axios cyberattack: North Korean hackers used a fake Slack to infiltrate open-source software, exposing the risks of trust and collaboration in today’s tech landscape.
North Korean hackers have launched advanced multi-stage attacks on South Korea, using GitHub as a covert command center while leveraging legitimate Windows tools for stealth and persistence. This new wave of cybercrime blends seamlessly with everyday internet traffic, making detection increasingly difficult.
#North Korean hackers | #GitHub exploitation | #cyber attacks
North Korean hackers, masquerading as a legitimate trading firm, spent months building trust with Drift Protocol before executing a $285 million heist—proving that in crypto, even face-to-face partnerships can be a front for cybercrime.
#North Korean hackers | #Drift Protocol | #social engineering
North Korean cybercriminals are exploiting fake Microsoft Teams domains and elaborate social engineering to target business professionals with malware. Learn how these attacks work and how to stay protected.
#North Korean hackers | #Microsoft Teams | #social engineering
North Korean threat actors are impersonating Microsoft Teams to trick business professionals into downloading malware. Discover how the elaborate scam operates and what steps you can take to stay safe.
A North Korean cybercrime group is targeting Node.js maintainers with elaborate fake recruiter scams, aiming to compromise open source projects and endanger millions of users through supply chain attacks.
#North Korean Hackers | #Supply Chain Attack | #Social Engineering