Lazarus Group deceives developers with 6 new malicious npm packages
Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.
Advertisement
North Korea
Crypto analysts stunned by Lazarus Group’s capabilities in $1.46B Bybit theft
The amount stolen last week surpasses what the group was able to steal in all of 2024.
U.S. adversaries increasingly turning to cybercriminals and their malware for help
A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began.
Google’s John Hultquist on how APTs are using generative AI
John Hultquist, Chief Analyst for Google Threat Intelligence Group
DOJ indicts five in North Korean fake IT worker scheme
The department alleges that a North Carolina-based laptop farm enabled access for two North Korean nationals over the course of the scheme.
Treasury sanctions North Korea over remote IT worker schemes
The North Korean office responsible for the scheme, Department 53, was created to funnel money back into the country’s weapons programs.
Advertisement
South Korea sanctions 15 North Koreans for IT worker scams, financial hacking schemes
The individuals are allegedly working for North Korea’s 313th General Bureau, under the DPRK’s Ministry of Munitions Industry.
Court indicts 14 North Korean IT workers tied to $88 million in illicit gains
It’s part of a broader effort to counter Pyongyang’s use of tech professionals to fool U.S. companies and nonprofits.
Appeals court tosses sanctions on Tornado Cash crypto mixer
The mixer was sanctioned after a North Korea hacking group used the software to launder more than $455 million.
North Korean-linked hackers were caught experimenting with new macOS malware
Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild.