Tag

#North Korea

9 stories taggedNorth Korea.

Photoreal news-editorial style, 16:9 framing, full-frame edge-to-edge composition
Threat Intelligence

North Korean Hackers Poisoned Over 100 Open Source Packages to Spy on Developers

A campaign called PolinRider has quietly corrupted legitimate software building blocks used by developers worldwide, planting tools that steal data and leave a hidden door open for attackers.

3 min
Full-frame overhead view of a cluttered developer's desk at night, glowing keyboard, open laptop showing abstract package manager output as coloured bars, small
Threat Intelligence

North Korean hackers flood open-source repositories with 108 booby-trapped packages

The Contagious Interview crew is back, seeding npm, Packagist, Go and Chrome with malware aimed at developers.

3 min
Photoreal editorial image, full-frame 16:9, of two nearly identical open cardboard shipping boxes on a dark desk, one subtly marked with a red warning tape, sof
Threat Intelligence

Fake Rollup Helper Packages on npm Traced to North Korean Hackers

Two look-alike JavaScript packages copied a popular developer tool line-for-line, then quietly opened a back door onto the machines of anyone who installed them.

3 min
Threat Intelligence

North Korean Malware Tells AI Analyzers to Look Away

A macOS sample attributed to Pyongyang-linked actors contains prompts designed to make LLM-assisted security tools abandon their analysis. Defenders are starting to notice the pattern.

2 min
Threat Intelligence

ScarCruft Dresses Up NarwhalRAT in a Microsoft Account Security Alert

APT37's spear-phish leans on the oldest trick in the identity playbook: tell the user their account is at risk, then hand them the payload.

2 min
Threat Intelligence

Contagious Interview Pivots to Dev-Review Lures in Two Fresh Campaigns

The North Korea-linked cluster is back with phishing pretexts aimed at developers — recruiter pitches and code-review requests that drop malware on engineers' workstations.

3 min
Threat Intelligence

Kimsuky Rolls Out HTTPSpy and HelloDoor in Spring 2026 Campaign Against South Korean Targets

The DPRK-linked crew is spoofing Webex pages and antivirus installers to drop new implants on military and corporate networks.

2 min
AI Security

Your Hiring Process Is Now a Weapons Financing Loophole

North Korea and Iran are using AI to manufacture legitimacy at scale. The threat isn't a genius hacker. It's industrialized paperwork.

3 min
Threat Intelligence

Lazarus' RemotePE Lives Entirely in Memory, Targets Crypto Treasuries

A fresh in-memory RAT from DPRK's Lazarus Group is being chained behind two custom loaders to drain finance and crypto orgs. Here is what to check tonight.

3 min
© 2026 Threat Vectr