GitHub Warns Devs of North Korean Attacks
Social engineering campaign designed to deliver malicious npm packages
This tag covers cybersecurity incidents, policy, public services, privacy, advisories, and regional implications connected to North Korea.
Search across headline titles and summaries.
Background for this topic.
North Korea covers cybersecurity and information-security developments connected to North Korea, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving North Korea's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
Social engineering campaign designed to deliver malicious npm packages
Analysts continue piecing together who breached JumpCloud, why, and what else they've managed to pull off.
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX
US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. [...]