Description: Cyberattackers believed to be affiliated with the state-sponsored threat group pulled off the largest crypto heist reported to date, stealing $1.5 billion from exchange Bybit. It was carried out by interfering with a routine transfer between wallets.
February 25th, 2025 (about 2 months ago)
|
Description: OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]
February 24th, 2025 (about 2 months ago)
|
Description: Over the weekend, blockchain security companies and experts have linked North Korea's Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. [...]
February 24th, 2025 (about 2 months ago)
|
Description: Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret.
The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, Famous Chollima,
February 20th, 2025 (about 2 months ago)
|
Description: The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.
February 19th, 2025 (about 2 months ago)
|
Description: The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.
The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that's associated with a profile named "
February 14th, 2025 (2 months ago)
|
Description: A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors.
The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail, TA427, and Velvet
February 13th, 2025 (2 months ago)
|
Description: Learn how North Korea’s IT workers infiltrate global companies, posing cybersecurity threats, committing fraud, and supporting the regime. Discover key findings and mitigation strategies to safeguard your business.
February 13th, 2025 (2 months ago)
|
Description: North Korean state actor 'Kimsuky' (aka 'Emerald Sleet' or 'Velvet Chollima') has been observed using a new tactic inspired by the now-widespread ClickFix campaigns. [...]
February 12th, 2025 (2 months ago)
|