LABYRINTH CHOLLIMA Evolves into Three Adversaries | CrowdStrike

LABYRINTH CHOLLIMA has evolved into three distinct adversaries with specialized malware, objectives, and tradecraft. Learn more.

2026 Global Threat Report | Latest Cybersecurity Trends & Insights | CrowdStrike

Discover key cyber threat trends in CrowdStrike’s 2026 Global Threat Report. Learn about rising attacks, malware-free threats, and evolving adversary tactics. Download the report now.

Labyrinth Chollima APT Adversary Simulation - Abdulrehman Ali - Medium

This is a simulation of attack by (Labyrinth Chollima) APT group targeting victims working on energy company and the aerospace industry, the attack campaign was active before June 2024, The attack…

Exploring CISA’s 2023 Top Routinely Exploited Vulnerabilities

In September, VulnCheck identified evidence of 78 CVEs that were publicly disclosed for the first time as exploited in the wild.

Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT

North Korea nexus threat actor group Labyrinth Chollima was observed using poisoned Python packages to deliver PondRAT, a backdoor that targets MacOS and Linux systems.

North Korea’s Post-Infection Python Payloads – One Night in Norfolk

VMConnect supply chain attack continues, evidence points to North Korea

ReversingLabs researchers discovered more packages that are part of the previously identified VMConnect campaign, and evidence linking the campaign to North Korean threat actors.

CrowdStrike Prevents 3CXDesktopApp Intrusion Campaign

On March 29, 2023, CrowdStrike observed unexpected malicious activity emanating from a legitimate, signed binary, 3CXDesktopApp — a softphone application from 3CX.