Lazarus Group Archives • Daily CyberSecurity

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap BlueNoroff Deepfakes Crypto Deepfake Phishing

Inside BlueNoroff’s “Self-Reinforcing” Deepfake Meeting Trap

Ddos April 28, 2026

Beyond Gatekeeper: How Sapphire Sleet’s AppleScript Trap Hijacks macOS and Crypto Wallets Sapphire Sleet macOS TCC Bypass Malware

Beyond Gatekeeper: How Sapphire Sleet’s AppleScript Trap Hijacks macOS and Crypto Wallets

Ddos April 21, 2026

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto UNC1069 Fake Meetings ClickFix Malware

North Korea’s UNC1069 Uses Fake Video Calls to Hijack Crypto

Ddos April 19, 2026

The Invisible Patch: How PolinRider Rewrites Git History to Hide North Korean Malware PolinRider Malware Git History Falsification

The Invisible Patch: How PolinRider Rewrites Git History to Hide North Korean Malware

Ddos April 17, 2026

North Korea’s “Portfolio Model” Shatters Modern Attribution Attribution Resistance DPRK Cyber Portfolio

North Korea’s “Portfolio Model” Shatters Modern Attribution

Ddos April 10, 2026

North Korean “StegaBin” Campaign Targets Developers with Steganographic Malware North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean “StegaBin” Campaign Targets Developers with Steganographic Malware

Ddos March 3, 2026

Dohdoor: New Stealth Backdoor Targets US Healthcare and Education Dohdoor Backdoor UAT-10027

Dohdoor: New Stealth Backdoor Targets US Healthcare and Education

Ddos March 2, 2026

North Korea’s Lazarus Group Deploys Medusa Ransomware Against U.S. Healthcare SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

SonicWall Reconnaissance Akira Ransomware residential proxy malware TraderTraitor BreachForums Honeypot, French Interior Ministry Leak

North Korea’s Lazarus Group Deploys Medusa Ransomware Against U.S. Healthcare

Ddos February 26, 2026

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Dream Job or Nightmare? Lazarus Group Hunts Crypto Devs with “Graphalgo” Malware

Ddos February 13, 2026

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Can You Hear Me?” BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS

Ddos February 5, 2026

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK DPRK Cyber Ecosystem, Unified Hacking Infrastructure

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK

Ddos December 22, 2025

110 Milliseconds of Truth: How Amazon Used “Lag” to Catch a North Korean Spy Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

110 Milliseconds of Truth: How Amazon Used “Lag” to Catch a North Korean Spy

Ddos December 20, 2025

Lazarus Group’s New ScoringMathTea RAT Uses Reflective Plugin Loader and Custom Polyalphabetic Crypto for Espionage axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Lazarus Group’s New ScoringMathTea RAT Uses Reflective Plugin Loader and Custom Polyalphabetic Crypto for Espionage

Ddos November 20, 2025

DOJ Seizes $15M in Crypto from APT38, Unveils Guilty Pleas in North Korean IT Worker Fraud Scheme DPRK IT Workers, APT38 Crypto Forfeiture

DOJ Seizes $15M in Crypto from APT38, Unveils Guilty Pleas in North Korean IT Worker Fraud Scheme

Ddos November 18, 2025

Australia Joins US, Slaps Sanctions on North Korean Cybercriminals for Funding WMD Programs North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Australia Joins US, Slaps Sanctions on North Korean Cybercriminals for Funding WMD Programs

Ddos November 11, 2025

Lazarus Group Attacks Aerospace/Defense with New ChaCha20-Encrypted Comebacker Backdoor Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Lazarus Group Attacks Aerospace/Defense with New ChaCha20-Encrypted Comebacker Backdoor

Ddos November 11, 2025

North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT Kimsuky HttpTroy, Lazarus BLINDINGCAN RAT

Kimsuky HttpTroy, Lazarus BLINDINGCAN RAT

North Korean APTs Upgrade Arsenal: Kimsuky Uses Stealthy HttpTroy, Lazarus Deploys New BLINDINGCAN RAT

Ddos November 3, 2025

Lazarus Group Attacks with DreamLoader Malware, Leveraging DLL Sideloading and Microsoft Graph API for Stealth C2 North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack