Daily NK14h ago
North Korea has ordered its youth league to treat South Korea as a "ghost-like existence" — running weekly ideological sessions April–May to purge all traces of South Korean culture from people under 30.
#NorthKorea #DPRK #KimJongUn #HumanRights
https://www.dailynk.com/english/north-korea-orders-campaign-to-erase-south-korea-from-youth-consciousness/
Daily NK15h ago
Air China's Beijing–Pyongyang route resumed March 30 — the first direct flight in six years. News spread fast inside North Korea, with people hoping Chinese traders will follow.
#NorthKorea #DPRK #ChinaDPRK #KoreanPeninsula https://www.dailynk.com/english/air-chinas-beijing-pyongyang-resumption-stirs-economic-hopes-inside-north-korea/
Daily NK16h ago
Sell one factory item on the side in North Korea — face expulsion, dismissal, and criminal prosecution. Songchon county has issued a zero-tolerance order against diverting state goods to the jangmadang.
#NorthKorea #DPRK #Jangmadang #KimJongUn https://www.dailynk.com/english/north-korea-threatens-criminal-punishment-for-diverting-factory-goods-to-informal-markets/
jbz18h ago

Drift loses $280 million North Korean hackers seize Security Council powers

「 These include Tornado Cash usage, CarbonVote deployment timing (09:30 Pyongyang time), cross-chain bridging patterns, and rapid large-scale laundering, consistent with the Bybit hack. The attacker leveraged durable nonce accounts and pre-signed transactions to delay execution and strike with accuracy at a chosen time, the platform explained 」

https://www.bleepingcomputer.com/news/security/drift-loses-280-million-north-korean-hackers-seize-security-council-powers/

#drift #crypto #infosec #dprk

Drift loses $280 million North Korean hackers seize Security Council powers

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation.

BleepingComputer
OTX Bot1d ago

DPRK-Related Campaigns with LNK and GitHub C2

FortiGuard Labs recently detected a series of LNK files targeting users in South Korea. These attacks use a multi-stage scripting process and leverage GitHub as Command and Control (C2) infrastructure to evade detection. Although these LNK files can be traced back to 2024, earlier versions had less obfuscation and contained significant metadata, allowing us to track similar attacks spreading the XenoRAT malware.

Pulse ID: 69cfceee4f7a6c4305b3d1a4
Pulse Link: https://otx.alienvault.com/pulse/69cfceee4f7a6c4305b3d1a4
Pulse Author: AlienVault
Created: 2026-04-03 14:30:06

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DPRK #FortiGuard #FortiGuardLabs #GitHub #InfoSec #Korea #LNK #Malware #OTX #OpenThreatExchange #RAT #SouthKorea #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
Daily NK1d ago
For the first time since the pandemic, North Korea is allowing private individuals to go crabbing along the Yellow Sea coast. Entrepreneurs are scrambling to recruit crews and secure gear.
#NorthKorea #DPRK #Marketization #NKEconomy https://www.dailynk.com/english/eased-restrictions-fuel-optimism-as-north-koreas-crab-season-gets-under-way/
CyberVeille.ch1d ago

📢 TasksJacker : campagne DPRK compromet 400+ dépôts GitHub via VS Code tasks.json et C2 blockchain
📝 ## 🔍 Contexte

Rapport publié le 2 avril 2026 par OpenSourceMalware.com, issu d'une investigation débutée le 31 janvier 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-04-02-tasksjacker-campagne-dprk-compromet-400-depots-github-via-vs-code-tasks-json-et-c2-blockchain/
🌐 source : https://opensourcemalware.com/blog/tasksjacker-blog-post
#DPRK #GitHub #Cyberveille

TasksJacker : campagne DPRK compromet 400+ dépôts GitHub via VS Code tasks.json et C2 blockchain

🔍 Contexte Rapport publié le 2 avril 2026 par OpenSourceMalware.com, issu d’une investigation débutée le 31 janvier 2026. L’analyse documente une campagne active baptisée TasksJacker, attribuée avec un niveau de confiance MEDIUM-HIGH à des acteurs liés à la Corée du Nord (DPRK). 🎯 Vecteur d’attaque principal Les attaquants injectent des fichiers .vscode/tasks.json malveillants dans des dépôts GitHub compromis. La fonctionnalité "runOn": "folderOpen" de VS Code déclenche automatiquement l’exécution d’une commande shell dès qu’un développeur ouvre le dossier cloné — sans interaction utilisateur supplémentaire.

CyberVeille
EU at the UN - Geneva #Multila2d ago
RT by @EU_UNGeneva: #HRC61 #🇨🇾 expresses its congratulations to all who worked on the adoption of EU led resolutions on #FORB, HR situations in #Belarus #DPRK #Myanmar, #Rights of the Child, #SR mandate on sale & sexual exploitation of children.
---
https://nitter.net/CyprusInGeneva/status/2039019930939514924#m
Show thread⚯ Michel de Cryptadamus ⚯2d ago

current estimate $285 million possibly headed straight into the #DPRK or #IRGC nuclear weapons program, including $71.5 million from the "regulated" #stablecoin #USDC that could have stopped at least that much of this heist at any moment in the last 4 hours and just... chose not to do so.

remember that the goal of the #GeniusAct etc. is to make companies like Circle USDC *your* bank.

#Circle #USDC #GeniusAct #crypto #bitcoin #driftProtocol #solana #SOL #infosec #crime #lazarusGroup #FutureOfFinance #stablecoins #infosec #Hack #cybersecurity #Tether #USDT

Daily NK3d ago
This month in 2012: Kim Jong Un was named chairman of the Central Military Commission — completing his grip on the DPRK's military just months after his father's death. The world wondered if he'd last. He's still there.
👁️ #NorthKorea #DPRK #KimJongUn https://www.britannica.com/topic/history-of-North-Korea