DPRK campaign uses GitHub as C2 🚨
LNK files → PowerShell payload → data exfil via API

Trusted platform abuse = stealthy operations

https://www.technadu.com/dprk-phishing-campaigns-exploit-github-c2-to-target-users-in-south-korea/625004/

#Infosec #APT #ThreatIntel #Cybersecurity