North Korean threat actor compromises 70M+ weekly downloads with cross-platform malware via maintainer credential theft

North Korean threat actors published 26 malicious npm packages masquerading as developer tools, using Pastebin content as dead drop resolvers for C2 communications in targeted supply chain attacks.

North Korean threat actors leverage AI-powered deepfakes, automated communication, and identity fabrication to infiltrate IT organizations for sustained access and intelligence collection.

Analysis of North Korean threat actors using malicious Next.js repositories in fake job recruitment campaigns to establish persistent access to developer workstations.