InvisibleFerret Archives • Daily CyberSecurity

North Korea-Aligned Void Dokkaebi Evolves with Binary Obfuscation Void Dokkaebi Cython malware

North Korea-Aligned Void Dokkaebi Evolves with Binary Obfuscation

Do Son May 28, 2026

North Korea-aligned threat actors are updating their malicious toolsets to target software developers globally. Specifically, TrendAI Research...

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto HexagonalRodent Malware Web3 Developer Scams

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto

Do Son April 27, 2026

The digital asset landscape is under siege by a highly active, North Korean-linked threat group that has...

North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware

Do Son November 17, 2025

Security researchers at NVISO have identified a significant evolution in the long-running Contagious Interview malware campaign, a...

North Korea’s UNC5342 APT Uses EtherHiding to Store Malware in Blockchain Smart Contracts for Stealthy C2 North Korea EtherHiding, Blockchain C2

North Korea’s UNC5342 APT Uses EtherHiding to Store Malware in Blockchain Smart Contracts for Stealthy C2

Do Son October 20, 2025

Google Threat Intelligence Group (GTIG) has uncovered a new campaign by the North Korean threat actor UNC5342,...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Do Son October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

North Korean Hackers Evolve Tactics with New Malware Campaign North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Hackers Evolve Tactics with New Malware Campaign

Do Son September 19, 2025

GitLab Threat Intelligence has published a detailed analysis of a new malware campaign linked to North Korean...

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again NPM Supply Chain, North Korea Malware

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

Do Son July 15, 2025

A new chapter in the ongoing Contagious Interview campaign has emerged, as the Socket Threat Research Team...

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs npm Supply Chain Attack, North Korean APT

npm Supply Chain Attack, North Korean APT

North Korean APT Launches Massive npm Supply Chain Attack: Typosquatting & Fake Jobs Steal Crypto from Devs

Do Son June 26, 2025

In a detailed expose, the Socket Threat Research Team has uncovered an ongoing and highly targeted supply...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Do Son April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage

Do Son February 16, 2025

Cybersecurity researchers at Insikt Group have uncovered a sophisticated North Korean IT worker scam designed to infiltrate...

“OtterCookie” Malware Nibbles at Developers in “Contagious Interview” Campaign SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

“OtterCookie” Malware Nibbles at Developers in “Contagious Interview” Campaign

Do Son December 26, 2024

Cybersecurity researchers at NTT Security Japan have issued a warning about a new malware strain dubbed “OtterCookie”...

Cyber Espionage Campaign: North Korean Actors Deploy BeaverTail and InvisibleFerret North Korean Cyber Tactics

Cyber Espionage Campaign: North Korean Actors Deploy BeaverTail and InvisibleFerret

Do Son November 15, 2024

The eSentire Threat Response Unit (TRU) recently uncovered a sophisticated attack involving the BeaverTail and InvisibleFerret malware...

Contagious Interview & WageMole: North Korea’s New Cyber Espionage Campaigns WageMole campaign

Contagious Interview & WageMole: North Korea’s New Cyber Espionage Campaigns

Do Son November 6, 2024

In a recent report, Zscaler ThreatLabz uncovers the creative yet deceptive strategies used by North Korean threat...

North Korean Cyber Espionage Group Tenacious Pungsan Compromises Open-Source Repositories with Backdoored npm Packages Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

North Korean Cyber Espionage Group Tenacious Pungsan Compromises Open-Source Repositories with Backdoored npm Packages

Do Son October 24, 2024

In a recent report, the Datadog Security Research Team exposed the latest nefarious activities of the Tenacious...

North Korean Threat Actors Targeting Tech Job Seekers with Contagious Interview Campaign

Do Son October 9, 2024

Palo Alto Networks Unit 42 researchers have uncovered a new wave of attacks in the ongoing Contagious...

North Korean Hackers Launch Job Interview Scam to Deploy BeaverTail and InvisibleFerret Malware BeaverTail malware

North Korean Hackers Launch Job Interview Scam to Deploy BeaverTail and InvisibleFerret Malware

Do Son September 5, 2024

Lazarus Group, the infamous North Korean hacking collective, has continued its aggressive campaign in 2024, evolving its...

Beware DEV#POPPER: Evolving Malware Targets Developers Everywhere

Do Son August 4, 2024

In recent months, the world has encountered a new campaign by North Korean hackers. The DEV#POPPER campaign...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

InvisibleFerret

North Korea-Aligned Void Dokkaebi Evolves with Binary Obfuscation

Inside “HexagonalRodent”: The AI-Powered DPRK Syndicate Hauling Millions in Crypto

North Korea’s Contagious Interview APT Uses JSON Keeper and GitLab to Deliver BeaverTail Spyware

North Korea’s UNC5342 APT Uses EtherHiding to Store Malware in Blockchain Smart Contracts for Stealthy C2

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

North Korean Hackers Evolve Tactics with New Malware Campaign

XORIndex: North Korea’s Evolving Supply Chain Malware Targets npm Ecosystem Again

North Korea’s IT Worker Scam: How the Regime Infiltrates Global Tech Firms for Cyber Espionage

“OtterCookie” Malware Nibbles at Developers in “Contagious Interview” Campaign

Cyber Espionage Campaign: North Korean Actors Deploy BeaverTail and InvisibleFerret

Contagious Interview & WageMole: North Korea’s New Cyber Espionage Campaigns

North Korean Cyber Espionage Group Tenacious Pungsan Compromises Open-Source Repositories with Backdoored npm Packages

North Korean Threat Actors Targeting Tech Job Seekers with Contagious Interview Campaign

North Korean Hackers Launch Job Interview Scam to Deploy BeaverTail and InvisibleFerret Malware

Beware DEV#POPPER: Evolving Malware Targets Developers Everywhere