Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies.
The post Two North Korean IT Worker Scheme Facilitators Jailed in the US appeared first on SecurityWeek.
OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
The AI giant is taking action after determining that a macOS code signing certificate may have been compromised.
The post OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack appeared first on SecurityWeek.
North Korean Hackers Target High-Profile Node.js Maintainers
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign.
The post North Korean Hackers Target High-Profile Node.js Maintainers appeared first on SecurityWeek.
North Korean Hackers Drain $285 Million From Drift in 10 Seconds
The attackers prepared infrastructure and multiple nonce-based transactions, took over an admin key, and drained five vaults.
The post North Korean Hackers Drain $285 Million From Drift in 10 Seconds appeared first on SecurityWeek.
Axios NPM Package Breached in North Korean Supply Chain Attack
A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions.
The post Axios NPM Package Breached in North Korean Supply Chain Attack appeared first on SecurityWeek.
Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement.
The post Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea appeared first on SecurityWeek.
North Korean APT Targets Air-Gapped Systems in Recent Campaign
Using Windows shortcut files, the APT deployed a new implant, a loader, a propagation tool, and two backdoors.
The post North Korean APT Targets Air-Gapped Systems in Recent Campaign appeared first on SecurityWeek.
Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud
Oleksandr Didenko sold the stolen identities of US citizens, allowing North Koreans to get hired using freelance work platforms.
The post Ukrainian Gets 5 Years in US Prison for Aiding North Korean IT Fraud appeared first on SecurityWeek.
North Korean Hackers Target macOS Developers via Malicious VS Code Projects
The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code.
The post North Korean Hackers Target macOS Developers via Malicious VS Code Projects appeared first on SecurityWeek.
FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes
The North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions.
The post FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes appeared first on SecurityWeek.
