BeaverTail Archives • Daily CyberSecurity

North Korea-Aligned Void Dokkaebi Evolves with Binary Obfuscation Void Dokkaebi Cython malware

North Korea-Aligned Void Dokkaebi Evolves with Binary Obfuscation

Do Son May 28, 2026

North Korea-aligned threat actors are updating their malicious toolsets to target software developers globally. Specifically, TrendAI Research...

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto HexagonalRodent Malware Web3 Developer Scams

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto

Do Son April 27, 2026

The digital asset landscape is under siege by a highly active, North Korean-linked threat group that has...

Fake Jobs, Real Theft: “Contagious Interview” Malware Drains Crypto Wallets Contagious Interview Campaign MetaMask Malware

Fake Jobs, Real Theft: “Contagious Interview” Malware Drains Crypto Wallets

Do Son February 18, 2026

A notorious North Korean cyber espionage campaign targeting the tech sector has evolved with a dangerous new...

“Contagious Interview”: How North Korean Hackers Use Fake Jobs to Breach IT Firms PurpleBravo Contagious Interview

“Contagious Interview”: How North Korean Hackers Use Fake Jobs to Breach IT Firms

Do Son January 27, 2026

The perfect job offer landed in your inbox. The recruiter was polite, the company looked legitimate, and...

North Korea’s “Contagious Interview” Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

North Korea’s “Contagious Interview” Floods npm with 200 New Packages, Using Fake Crypto Jobs to Deploy OtterCookie Spyware

Do Son December 1, 2025

A relentless state-sponsored campaign by North Korean threat actors is aggressively targeting blockchain and Web3 developers by...

North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware

Do Son November 17, 2025

Security researchers at NVISO have identified a significant evolution in the long-running Contagious Interview malware campaign, a...

North Korea’s Famous Chollima APT Uses Trojanized Node.js App to Deploy OtterCookie RAT for Crypto Theft

Do Son October 17, 2025

A new report from Cisco Talos has exposed a malware campaign linked to Famous Chollima, a North...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Do Son October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

North Korean Hackers Evolve Tactics with New Malware Campaign North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Hackers Evolve Tactics with New Malware Campaign

Do Son September 19, 2025

GitLab Threat Intelligence has published a detailed analysis of a new malware campaign linked to North Korean...

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again NPM Supply Chain, North Korea Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Do Son July 15, 2025

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Do Son April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns North Korea, Russian infrastructure

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns

Do Son April 25, 2025

A revealing new report from Trend Micro uncovers how Russian IP infrastructure is playing a pivotal role...

Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails

Do Son April 4, 2025

A recent analysis by the AhnLab Security Intelligence Center (ASEC) has uncovered a particularly insidious campaign involving...

North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage

Do Son February 16, 2025

Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate...

“OtterCookie” Malware Nibbles at Developers in “Contagious Interview” Campaign SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

“OtterCookie” Malware Nibbles at Developers in “Contagious Interview” Campaign

Do Son December 26, 2024

Cybersecurity researchers at NTT Security Japan have issued a warning about a new malware strain dubbed “OtterCookie”...

Contagious Interview & WageMole: North Korea’s New Cyber Espionage Campaigns WageMole campaign

Contagious Interview & WageMole: North Korea’s New Cyber Espionage Campaigns

Do Son November 6, 2024

In a recent report, Zscaler ThreatLabz uncovers the creative yet deceptive strategies used by North Korean threat...

North Korean Cyber Espionage Group Tenacious Pungsan Compromises Open-Source Repositories with Backdoored npm Packages Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage