#north-korea-cyber-threats

#openai
Information security
from Axios
10 minutes ago

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.
Social media marketing
from Axios
2 hours ago

The first AI-era war is a "slopaganda" battle to control memes

AI-generated content is rapidly spreading propaganda, making it easier for influencers to adopt conspiracy theories.
from The Hacker News
8 hours ago

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly.
Roam Research
EU data protection
from ComputerWeekly.com
21 hours ago

UK reliance on US big tech companies is 'national security risk', claims report | Computer Weekly

The UK is at risk due to over-reliance on US tech companies for critical infrastructure, impacting national security.
#kraken
Cryptocurrency
from news.bitcoin.com
1 day ago

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.
Information security
from Finbold
7 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.
Information security
from Bitcoin Magazine
1 day ago

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.
#cybersecurity
Information security
from The Hacker News
1 day ago

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.
Information security
from SecurityWeek
4 days ago

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Cybersecurity developments include discussions on AI risks, new malware targeting crypto wallets, and collaboration among Japanese corporations to enhance security.
Privacy technologies
from Yahoo Tech
4 days ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Privacy professionals
from Fortune
4 days ago

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.
Information security
from Fast Company
23 hours ago

Why the Iran cyberattack everyone warned about hasn't really happened yet

Iran-linked hackers have conducted minor cyberattacks in the U.S. but have focused on other regions with more significant incursions.
#north-korea
from TechCrunch
1 week ago
Remote teams

Watch this video of how a job interviewer exposes a North Korean fake IT worker | TechCrunch

Cryptocurrency
from SecurityWeek
1 week ago

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.
Node JS
from The Hacker News
3 weeks ago

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean threat actors use StoatWaffle malware via malicious VS Code projects to steal data and execute commands on infected systems.
Information security
from The Hacker News
6 days ago

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Contagious Interview campaign targets Go, Rust, and PHP ecosystems with malicious packages that function as malware loaders.
#apt37
Information security
from SecurityWeek
1 month ago

North Korean APT Targets Air-Gapped Systems in Recent Campaign

APT37 deployed five new malicious tools in the Ruby Jumper campaign targeting air-gapped systems using USB-based data exfiltration and persistence mechanisms.
#axios
Node JS
from Axios
2 weeks ago

North Korean hackers implicated in major supply chain attack

A compromised maintainer account for the Axios npm package led to the publication of malicious software versions targeting various operating systems.
Information security
from Techzine Global
1 week ago

North Korea behind social engineering attack on Axios project

Attackers compromised the Axios maintainer's account through social engineering, publishing malicious versions that installed a Remote Access Trojan on victims' systems.
Privacy professionals
from TechCrunch
6 days ago

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.
from SecurityWeek
9 hours ago

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus has reinstated its global fraud engine, shifting its focus toward emerging markets while maintaining a persistent threat to Western enterprise assets.
Information security
Remote teams
from Theregister
3 weeks ago

North Korean's 100k fake IT workers net $500M a year for Kim

North Korea operates a sophisticated fake IT worker scheme generating $500 million annually, with over 100,000 operatives in 40 countries infiltrating companies to steal money and sensitive information.
World politics
from www.dw.com
3 weeks ago

North Korea watches and learns as US attacks Iran

North Korea views Iran's vulnerability to military attacks as proof that nuclear weapons are essential for regime survival and will abandon any nuclear negotiations.
Information security
from Theregister
22 hours ago

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.
#phishing
from Techzine Global
10 hours ago
Information security

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.
Information security
from Theregister
6 days ago

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.
Information security
from TechCrunch
1 day ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
Information security
from Techzine Global
4 days ago

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.
Information security
from Fortune
4 days ago

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.
Information security
from The Hacker News
5 days ago

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.
Information security
from The Hacker News
1 week ago

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked threat actors use GitHub for command-and-control in attacks on South Korean organizations, employing obfuscated LNK files and PowerShell scripts.
Information security
from WIRED
6 days ago

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.
Information security
from The Hacker News
1 week ago

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.
Information security
from SecurityWeek
2 weeks ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
from SecurityWeek
1 month ago

Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War

Pro-Iranian hackers are expanding cyberattacks from the Middle East into the United States, targeting defense contractors, medical device companies, and critical infrastructure like power stations and water plants.
from www.theguardian.com
1 month ago

North Korean agents using AI to trick western firms into hiring them, Microsoft says

The scam typically involves state-backed fraudsters applying for remote IT work in the west, using fake identities and the help of facilitators in the country where the company targeted is based. Once hired, they send their wages back to Kim Jong-un's state and have even been known to threaten to release sensitive company data after being fired.
Information security
Information security
from The Hacker News
1 month ago

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean threat actors deployed 26 malicious npm packages using steganography to hide command-and-control infrastructure in Pastebin essays, targeting developers with credential stealers and remote access trojans.
Information security
from Computerworld
1 month ago

Iranian cyberattacks fail to materialize but threat remains acute

Iranian cyber groups will likely escalate from current low-level activity to destructive wiper attacks despite a temporary lull following US-Israeli military operations.
Information security
from Theregister
1 month ago

Suspected Nork intruders infecting US healthcare, education

North Korean-linked hackers deployed a new backdoor called Dohdoor to infect US education and healthcare institutions since December for financial gain.
from The Hacker News
2 months ago

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. "The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated video to deceive the victim," Google Mandiant researchers Ross Inman and Adrian Hernandez said.
Information security
Information security
from The Hacker News
2 months ago

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean threat actors use malicious VS Code projects and task configs to deliver backdoors (BeaverTail, InvisibleFerret) via Vercel-hosted payloads.
from SecurityWeek
2 months ago

Cyber Insights 2026: Cyberwar and Rising Nation State Threats

Entering the cyber world is stepping into a warzone. Cyber is considered a war zone, and what happens there is described as cyberwar. But it's not that simple. War is conducted by nations (political), not undertaken by criminals (financial). Both are increasing in this war zone we call cyber, but the political threat is growing fast. Cyberwar is a complex subject, and a formal definition is difficult.
Information security
#cyber-espionage
Information security
from The Hacker News
1 month ago

Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations

State-sponsored and criminal actors from China, Iran, North Korea, and Russia target the defense industrial base, prioritizing drones, hiring exploitation, edge-device access, and supply-chain risk.
Information security
from The Hacker News
2 months ago

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

North Korean-linked PurpleBravo targeted 3,136 IPs and 20 organizations across sectors and regions using malicious developer tools and job-seeker lures.