CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	DPRK macOS 'NimDoor' Malware Targets Web3, Crypto Platforms Description: Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests. Source: Dark Reading July 7th, 2025 (about 8 hours ago)
	Microsoft shuts down 3,000 email accounts created by North Korean IT workers Description: Microsoft said it has spent years monitoring North Korea’s campaign to get its citizens hired in IT roles at U.S. companies and recently saw changes in how the campaign operates. Source: The Record July 3rd, 2025 (5 days ago)
	NimDoor crypto-theft macOS malware revives itself when killed Description: North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations. [...] Source: BleepingComputer July 2nd, 2025 (5 days ago)
	North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign Description: Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a constant evolution of their tactics. "Unusually for macOS malware, the threat actors employ a process injection technique and remote communications via wss, the TLS-encrypted version of the WebSocket protocol," Source: TheHackerNews July 2nd, 2025 (5 days ago)
	Scope, Scale of Spurious North Korean IT Workers Emerges Description: Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data. Source: Dark Reading July 1st, 2025 (6 days ago)
	DoJ Disrupts North Korean IT Worker Scheme Across Multiple US States Description: The US also conducted searches of 29 "laptop farms" across 16 states and seized 29 financial accounts used to launder funds. Source: Dark Reading July 1st, 2025 (6 days ago)
	US disrupts North Korean IT worker "laptop farm" scheme in 16 states Description: The U.S. Department of Justice (DoJ) announced coordinated law enforcement actions against North Korean government's fund raising operations using remote IT workers. [...] Source: BleepingComputer July 1st, 2025 (7 days ago)
	U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million Description: The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to the arrest of one individual and the seizure of 29 financial accounts, 21 fraudulent websites, and nearly 200 computers. The coordinated action saw searches of 21 known or suspected "laptop farms" across 14 states in the U.S. that were put to Source: TheHackerNews July 1st, 2025 (7 days ago)
	US shuts down a string of North Korean IT worker scams Source: TheRegister June 30th, 2025 (7 days ago)
	DOJ raids 29 ‘laptop farms’ in crackdown on N. Korean IT worker scheme Description: The Justice Department announced a coordinated action to disrupt a Pyongyang campaign to get North Koreans hired at U.S.-based companies. Source: The Record June 30th, 2025 (7 days ago)