The TA444 threat group has changed its tactics in recent weeks, moving to new delivery methods and payloads.
The FBI says the North Korean threat actor Lazarus Group is responsible for the theft of $100 million in cryptocurrency from Harmony Horizon Bridge in June.
A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).
Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
The Kimsuky threat group based in North Korea is using a malicious browser extension to steal email from active user sessions in Chrome and Edge.