ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
Ravie LakshmananMay 05, 2026Cyber Espionage / Surveillance The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video...
North
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Ravie LakshmananApr 13, 2026Social Engineering / Threat Intelligence The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed...
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and...
North Korea–linked hackers drain $285M from Drift in sophisticated attack
North Korea–linked hackers drain $285M from Drift in sophisticated attack Pierluigi Paganini April 03, 2026 Drift lost $285M in a...
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to...
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069 Pierluigi Paganini April 01, 2026 Google links the...
New North Korean AI Hiring Scheme Targets US Companies
Source: ChatGPT A suspected North Korean operative attempted to infiltrate a cybersecurity firm using a stolen identity and an AI-generated...
Before the Lights Go Out
How the ColorTokens Xshield platform and its integrated ecosystem stand between North America’s power grid and digital adversaries. Note:...
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware Pierluigi Paganini March 24, 2026 North Korea-linked threat...
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware...
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind...
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
Ravie LakshmananFeb 27, 2026Malware / Surveillance The North Korean threat actor known as ScarCruft has been attributed to a fresh...
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks
Ravie LakshmananFeb 24, 2026Threat Intelligence / Healthcare The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed...
North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.
North Korean IT worker scam nets Ukrainian five-year sentence in the U.S. Pierluigi Paganini February 20, 2026 A Ukrainian man...
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Ravie LakshmananFeb 12, 2026Cyber Espionage / Artificial Intelligence Google on Thursday said it observed the North Korea-linked threat actor known...
