North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean group Kimsuky used spear-phishing, cloud storage, and GitHub-based command-and-control to deploy Xeno RAT against South Korean diplomatic missions March–July 2025.
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Kimsuky exploits a patched vulnerability in Microsoft Remote Desktop Services to gain access during a new malicious campaign targeting various sectors.