DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Threat actors likely associated with the Democratic People’s Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea.
The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows shortcut (LNK) files acting as the starting point to drop a decoy PDF

Source

What's Hot

Researchers Spot Surge in Brute-Force Attacks from Middle East

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Malicious Chrome Extensions Campaign Exposes User Data

Researchers Spot Surge in Brute-Force Attacks from Middle East

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Triad Nexus Expands Global Fraud Operations Despite US Sanctions

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

The WhatsApp screen-sharing scam you didn’t see coming

What it is and how to protect yourself

Why the tech industry needs to stand firm on preserving end-to-end encryption

Subscribe to Updates

What's Hot

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Related Posts

Subscribe to Updates