Technical analysis of DPRK's developer-targeted supply chain attacks via malicious repositories

Weekly insights on threats, vulnerabilities, and security best practices.

Analysis of North Korean threat actors using malicious Next.js repositories in fake job recruitment campaigns to establish persistent access to developer workstations.

North Korean threat actors deploy AI-generated video content and ClickFix social engineering to distribute cross-platform malware targeting cryptocurrency sector assets.

Analysis of The Com cybercrime collective's attack chain targeting children and teenagers, revealing sophisticated social engineering tactics that organizations must understand to protect their youngest stakeholders.