Watch out as North Korean group #UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.

Read: https://hackread.com/unc1069-node-js-maintainer-fake-linkedin-slack-profile/

#CyberSecurity #NorthKorea #LinkedIn #Slack #Malware

UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles

North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.

Hackread - Cybersecurity News, Data Breaches, AI and More

🚨 Over the past two weeks, two massive, overlapping campaigns—TeamPCP’s "blitzkrieg" on security tools like Trivy and Checkmarx, and UNC1069's devastating RAT deployment via the Axios library—have compromised thousands of CI/CD pipelines.

Read the full deep-dive and get the immediate mitigation steps here: https://www.security.land/2026-supply-chain-attacks-teampcp-trivy-axios/

#SecurityLand #BreachBreakdown #SupplyChainAttack #NPM #Cybersecurity #Axios #Trivy #TeamPCP #UNC1069

March 2026 Supply Chain Attacks: TeamPCP & Axios Analyzed

A technical breakdown of the March 2026 supply chain attacks, examining how threat actors like TeamPCP and UNC1069 compromised Trivy, LiteLLM, and Axios—and how to stop them.

Security Land | Decoding the Cyber Threat Landscape

Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain.

Security Affairs

Between IT contractor fraud and NPM pipeline poisoning it would be nice if North Korea could take a break for a few months.

https://therecord.media/google-links-axios-supply-chain-attack-north-korea

#axios #northkorea #dprk #UNC1069 #incidentresponse #infosec

Google links axios supply chain attack to North Korean group

Google Threat Intelligence Group (GTIG) joined several other researchers in attributing the attack to a North Korean threat actor they call UNC1069. SentinelOne found the same group using macOS-based malware in attacks dating back to 2023.

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
#AxiosProject #UNC1069 #WAVESHAPER
https://cloud.google.com/blog/topics/threat-intelligence/north-korea-threat-actor-targets-axios-npm-package
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack | Google Cloud Blog

A North Korea-nexus threat actor targeted the popular axios NPM package in a massive supply chain attack.

Google Cloud Blog

North Korean hackers professionalize AI attacks – financial sector in the crosshairs! According to security researchers at Mandiant, North Korean hackers of the UNC1069 group are now using sophisticated AI tools, deepfakes and social engineering to specifically attack companies in the financial and crypto sectors. #CyberSecurity #AIThreats #UNC1069 #FinancialServices #Krypto #Deepfake #Cybercrime #Nordkorea #Hackerangriff

UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering | Google Cloud Blog

North Korean threat actors target the cryptocurrency industry using AI-enabled social engineering such as deepfakes, and ClickFix.

GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools | Google Cloud Blog

Google Threat Intelligence Group's findings on adversarial misuse of AI, including Gemini and other non-Google tools.

"M-Trends 2025: Data, Insights, and Recommendations From the Frontlines" published by Mandiant. #ITWorker, #Trend, #UNC1069, #UNC3782, #UNC4736, #UNC4899, #UNC5342, #DPRK, #CTI https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2025/?hl=en
M-Trends 2025: Data, Insights, and Recommendations From the Frontlines | Google Cloud Blog

We share data, insights and recommendations from the incident response frontlines in the latest edition of our annual report.

Cybercrime: A Multifaceted National Security Threat | Google Cloud Blog

Google Threat Intelligence Group discusses the current state of cybercrime, and why it must be considered a national security threat.
