CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
Description: The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. "These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation
Source: TheHackerNews
April 5th, 2025 (3 months ago)
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
Description: The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by
Source: TheHackerNews
April 3rd, 2025 (3 months ago)
DPRK 'IT Workers' Pivot to Europe for Employment Scams
Description: By using fake references and building connections with recruiters, some North Korean nationals are landing six-figure jobs that replenish DPRK coffers.
Source: Dark Reading
April 2nd, 2025 (3 months ago)
North Korean IT worker scam spreading to Europe after US law enforcement crackdown
Description: North Korea’s IT worker scam has expanded widely into Europe after years of focusing on U.S. companies, according to new research.
Source: The Record
April 2nd, 2025 (3 months ago)
North Korea’s fake tech workers now targeting European employers
Source: TheRegister
April 2nd, 2025 (3 months ago)
North Korean IT worker army expands operations in Europe
Description: ​North Korea's IT workers have expanded operations beyond the United States and are now increasingly targeting organizations across Europe. [...]
Source: BleepingComputer
April 1st, 2025 (3 months ago)
Lazarus APT Jumps on ClickFix Bandwagon in Recent Attacks
Description: A continuation of the North Korean nation-state threat's campaign against employment seekers uses the social engineering attack to target CeFi organizations with the GolangGhost backdoor.
Source: Dark Reading
April 1st, 2025 (3 months ago)
North Korean hackers adopt ClickFix attacks to target crypto firms
Description: The notorious North Korean Lazarus hacking group has reportedly adopted 'ClickFix' tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). [...]
Source: BleepingComputer
March 31st, 2025 (3 months ago)
U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe
Description: The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds. "Based on the Administration's review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial activity occurring
Source: TheHackerNews
March 22nd, 2025 (3 months ago)
US removes sanctions against Tornado Cash crypto mixer
Description: The U.S. Department of Treasury announced today that it has removed sanctions against the Tornado Cash cryptocurrency mixer, which North Korean Lazarus hackers used to launder hundreds of millions stolen in multiple crypto heists. [...]
Source: BleepingComputer
March 21st, 2025 (3 months ago)