Microsoft attributes Mastra AI supply chain attack to North Korean hackers Sapphire Sleet

Microsoft warns that a recent supply chain attack on the Mastra AI npm environment was carried out by Sapphire Sleet, a notorious North Korean hacking group known for targeting the financial sector. This latest incident is part of a larger pattern of attacks that exploit open-source distribution channels.

https://osintsights.com/microsoft-attributes-mastra-ai-supply-chain-attack-to-north-korean-hackers-sapph?utm_source=mastodon&utm_medium=social

#SapphireSleet #NorthKoreanHackers #SupplyChain #MastraAi #Npm

OSINTSights

North Korean Hackers Exploit Developer Tools in Malware Campaigns

North Korean hackers have launched a sneaky malware campaign, tricking victims into executing cross-platform malware for macOS, Linux, and Windows through malicious scripts hidden in GitHub repositories. Their latest tactic, dubbed UNK_DeadDrop, uses recruitment lures to deliver self-running code to over 75% of…

https://osintsights.com/north-korean-hackers-exploit-developer-tools-in-malware-campaigns?utm_source=mastodon&utm_medium=social

#NorthKoreanHackers #ContagiousInterview #FamousChollima #Hexagonalrodent #VoidDokkaebi

North Korean Hackers Infiltrate Android Games to Spy on Defectors

Security researchers at ESET stumbled upon a sneaky plot by North Korean hackers, who infiltrated popular Android games to spy on defectors by hiding a backdoor called BirdCall in the apps. The malicious code was cleverly disguised in game files available for download on a regional gaming platform's official website.

https://osintsights.com/north-korean-hackers-infiltrate-android-games-to-spy-on-defectors?utm_source=mastodon&utm_medium=social

#NorthKoreanHackers #AndroidMalware #SupplyChain #Apt #EmergingThreats

North Korean Hackers Exploit Crypto Firms with AI-Driven Zoom Lures

North Korean hackers launched a massive spear-phishing campaign, targeting over 100 crypto organizations worldwide with cleverly crafted Zoom lures and AI-generated deepfakes. They used fake calendar invites and typosquatted meeting links to gain access and exfiltrate sensitive data in a matter of minutes.

https://osintsights.com/north-korean-hackers-exploit-crypto-firms-with-ai-driven-zoom-lures?utm_source=mastodon&utm_medium=social

#NorthKoreanHackers #Cryptocurrency #AidrivenAttacks #Spearphishing #ZoomExploits

North Korean Hackers Exploit Fake Zoom Meetings to Target Crypto Executives

North Korean hackers are using a sneaky tactic to target crypto executives: they pose as legitimate meeting attendees, harvesting video and audio to make future scams more convincing. They start by sending Calendly invites for fake catch-up meetings, then swap the link with a fake Zoom or Teams URL to…

https://osintsights.com/north-korean-hackers-exploit-fake-zoom-meetings-to-target-crypto-executives?utm_source=mastodon&utm_medium=social

#NorthKoreanHackers #CryptoExecutives #FakeZoomMeetings #SocialEngineering #Cryptocurrency

North Korean Hackers Expand Malicious Package Reach Across Multiple Coding Ecosystems

Beware of the Trojan horse in your code: North Korean hackers have quietly infiltrated multiple package ecosystems, publishing around 1,700 malicious packages that masquerade as legitimate developer tools but act as malware loaders. This sneaky campaign, linked to the Contagious Interview group, puts…

https://osintsights.com/north-korean-hackers-expand-malicious-package-reach-across-multiple-coding-ecosy?utm_source=mastodon&utm_medium=social

#NorthKoreanHackers #ContagiousInterview #MalwareOperations #PackageEcosystem #Npm

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

The Hacker News

North Korean Hackers Deploy BeaverTail–OtterCookie Combo for Keylogging Attacks

Researchers at Cisco Talos have uncovered a sophisticated campaign by the Famous Chollima subgroup of Lazarus, wherein attackers deploy blended JavaScript tools.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform

North Korean hackers are taking stealth to a new level: embedding malware into blockchain smart contracts and tricking devs with fake job interviews. Are we ready for a world where your next code review could be a trap?

https://thedefendopsdiaries.com/north-korean-hackers-leverage-etherhiding-malware-distribution-via-blockchain-smart-contracts/

#etherhiding #northkoreanhackers #blockchainsecurity #malwaredistribution #smartcontracts #cyberthreats #socialengineering #infosec

North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

North Korean cyber group targets Web3 businesses with Nim-based malware, exploiting AppleScript and Telegram for persistent attacks.

The Hacker News