New Lazarus Group campaign sees North Korean hackers spreading undetectable malware through GitHub and open source packages
Security researchers discovered malicious code in NPM packages and GitHub commits The code was linked to a Lazarus-operated ...
The Hacker News2d
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.
ReadWrite4d
North Korea’s Lazarus Group spreads crypto-stealing malware through open-source software
Researchers warn that North Korea’s Lazarus Group is injecting crypto-stealing malware into open-source projects.
HHS12h
North Korea Stealing Cryptocurrency With JavaScript Implant
New North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through ...
Computing5d
Lazarus Group hiding malware in GitHub and open-source packages
A North Korean hacking group has been identified as using malicious Javascript implants to steal cryptocurrency.
The Hacker News6d
Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft patches 63 flaws, including two exploited Windows vulnerabilities (CVE-2025-21391, CVE-2025-21418). CISA requires ...
cryptonews5d
N.Korean Hackers Boost Crypto-Looting Methods: Hiding Malware in GitHub, NPM Packages
This is a global campaign orchestrated by the infamous North Korea Lazarus group to steal crypto and data through supply ...