North Korea Archives • Page 2 of 4 • Daily CyberSecurity

“Contagious Interview” Goes macOS: North Korean Hackers Deploy Stealthy “DriverFixer” Stealer DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

“Contagious Interview” Goes macOS: North Korean Hackers Deploy Stealthy “DriverFixer” Stealer

Do Son December 25, 2025

A notorious North Korean cyber-espionage campaign known for targeting job seekers has expanded its arsenal with a...

“Casting Call” for Malware: APT37 Poses as TV Writers to Hack Targets APT37 Artemis, Korean TV Casting Phishing

“Casting Call” for Malware: APT37 Poses as TV Writers to Hack Targets

Do Son December 24, 2025

A notorious threat group is auditioning victims for a new cyber-espionage campaign, masquerading as television production staff...

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK DPRK Cyber Ecosystem, Unified Hacking Infrastructure

Shadows of the North: Unmasking the Sprawling Cyber Infrastructure of the DPRK

Do Son December 22, 2025

A new collaborative investigation has exposed the intricate and overlapping infrastructure powering North Korea’s most notorious cyber...

North Korea’s Kimsuky Upgrades DOCSWAP Malware to Hijack Smartphones via QR Codes Chinese espionage groups APT35 Phishing, Stormshield CTI

North Korea’s Kimsuky Upgrades DOCSWAP Malware to Hijack Smartphones via QR Codes

Do Son December 22, 2025

The notorious North Korean threat group Kimsuky has launched a renewed mobile offensive, deploying an evolved version...

110 Milliseconds of Truth: How Amazon Used “Lag” to Catch a North Korean Spy Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

110 Milliseconds of Truth: How Amazon Used “Lag” to Catch a North Korean Spy

Do Son December 20, 2025

E-commerce and technology giant Amazon has recently disclosed its proactive efforts to counter North Korean hacking operations,...

EtherRAT Malware Hijacks Ethereum Blockchain for Covert C2 After React2Shell Exploit EtherRAT C2 Blockchain, React2Shell DPRK

EtherRAT Malware Hijacks Ethereum Blockchain for Covert C2 After React2Shell Exploit

Do Son December 10, 2025

In a alarming escalation of the “React2Shell” crisis, security researchers have uncovered a sophisticated new malware strain...

DOJ Seizes $15M in Crypto from APT38, Unveils Guilty Pleas in North Korean IT Worker Fraud Scheme DPRK IT Workers, APT38 Crypto Forfeiture

DOJ Seizes $15M in Crypto from APT38, Unveils Guilty Pleas in North Korean IT Worker Fraud Scheme

Do Son November 18, 2025

In a sweeping multinational enforcement action, the U.S. Department of Justice (DOJ) has announced five guilty pleas...

Australia Joins US, Slaps Sanctions on North Korean Cybercriminals for Funding WMD Programs North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Australia Joins US, Slaps Sanctions on North Korean Cybercriminals for Funding WMD Programs

Do Son November 11, 2025

The Australian Government has announced financial sanctions and travel bans on four entities and one individual involved...

North Korea’s KONNI APT Hijacks Google Find Hub to Remotely Wipe and Track South Korean Android Devices AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

AdaptixC2 Abuse, Russian Cybercrime RondoDox Botnet, Exploit Shotgun China Cyber Power, Red Hackers Nvidia cyberattack

North Korea’s KONNI APT Hijacks Google Find Hub to Remotely Wipe and Track South Korean Android Devices

Do Son November 11, 2025

The Genians Security Center (GSC) has uncovered a new phase in the KONNI APT campaign, revealing a...

US Treasury Sanctions 8 North Koreans and 2 Banks for Laundering Crypto to Fund WMD Programs DPRK Sanctions, Crypto Money Laundering

US Treasury Sanctions 8 North Koreans and 2 Banks for Laundering Crypto to Fund WMD Programs

Do Son November 7, 2025

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced new sanctions against...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Do Son October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

North Korean Hackers Evolve Tactics with New Malware Campaign North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Hackers Evolve Tactics with New Malware Campaign

Do Son September 19, 2025

GitLab Threat Intelligence has published a detailed analysis of a new malware campaign linked to North Korean...

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

APT37 Expands Arsenal with Rustonotto Backdoor, PowerShell Chinotto, and FadeStealer

Do Son September 10, 2025

Zscaler ThreatLabz has uncovered new details about North Korean-aligned threat actor APT37 (also known as ScarCruft, Ruby...

SentinelLABS Reveals How North Korean “Contagious Interview” Operators Abuse Threat Intel Platforms Lazarus Group, cyber threat intelligence

Lazarus Group, cyber threat intelligence

SentinelLABS Reveals How North Korean “Contagious Interview” Operators Abuse Threat Intel Platforms

Do Son September 5, 2025

The SentinelLABS intelligence team, in collaboration with Validin, has published an in-depth analysis of North Korean-aligned actors...

Kimsuky APT Is Using Social Engineering and AppleSeed Malware to Spy on South Korea Exploited VMware

Kimsuky APT Is Using Social Engineering and AppleSeed Malware to Spy on South Korea

Do Son September 5, 2025

The Genians Security Center (GSC) has published a detailed analysis of a new Advanced Persistent Threat (APT)...

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign

Do Son September 2, 2025

Researchers at Seqrite Lab have uncovered a new spear-phishing operation attributed to APT-37 (ScarCruft / InkySquid /...

OFAC Sanctions North Korean IT Worker Network Funding Weapons Programs North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

OFAC Sanctions North Korean IT Worker Network Funding Weapons Programs

Do Son August 28, 2025

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned multiple individuals and...

Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Beyond the Breach: Coinbase Cracks Down on Remote Work to Stop Hackers

Do Son August 25, 2025

In June 2025, the Nasdaq-listed American cryptocurrency exchange Coinbase experienced a data breach. The incident was not...

Spies in Plain Sight: How North Korean Hackers Used GitHub to Attack Embassies North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Spies in Plain Sight: How North Korean Hackers Used GitHub to Attack Embassies

Do Son August 20, 2025

The Trellix Advanced Research Center has uncovered a wide-reaching espionage operation targeting diplomatic missions in South Korea,...

Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group

Do Son August 14, 2025

Recently, the North Korean hacking group Kimsuky suffered a breach resulting in the leak of 8.9 GB...

Critical Alert 1 Active Exploit Detected Today