North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data

Threat Score:

GB Hackers

20 hours ago

Part of cluster #1633

Overview

North Korean Hackers Exploit NPM Packages to Steal Cryptocurrency and Sensitive Data Veracode Threat Research has uncovered a sophisticated North Korean cryptocurrency theft operation that continues to evolve, building on campaigns previously reported in February and June 2024. This latest iteration involves twelve malicious NPM packages, including cloud-binary, json-cookie-csv, cloudmedia, and nodemailer-enhancer, which were flagged by automated monitoring systems and subsequently removed from ...

Continue Reading on Original Site

5 articles

CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks

Cybersecurity News • 5 hours ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. The inclusion of these flaws in the catalog signifies that they are being actively exploited by malicious cyber actors in real-world attacks, posing a significant threat to networks. The […]

Score

SonicWall firewalls hit by active mass exploitation of suspected zero-day

CyberScoop • 8 hours ago

20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 17 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

Risky Bulletin: Russia's war on foreign software continues

Risky • 6 hours ago

Brought to you bytines The smart, secure workflow builder Show notes Risky Bulletin: Russia to designate ERPs as "critical information infrastructure"

Score

SonicWall Probes Potential Zero-Day After Ransomware Hits

Data Breach Today UK • 11 hours ago

Akira Ransomware Exploited MFA-Protected SonicWall SSL VPNs, Say Researchers SonicWall said it is probing a surge in attacks against its Gen 7 firewalls, running various firmware versions, which have SSL VPN enabled. Researchers said attackers may have been exploiting a zero-day vulnerability and that multiple victims have been infected with Akira ransomware.

Score

DOMAINS

Cisco.com

ATTACK TYPES

Credential Theft

Cryptocurrency Theft

Social Engineering

Supply Chain Attack

INDUSTRIES

Cryptocurrency

Education

Information Technology

Software Development

VULNERABILITIES

DDoS

DoS

COMPANIES

AMD

Adobe

Amazon

Apple

Cisco

SECURITY VENDORS

Cloudflare

PLATFORMS

AWS

Android

Apache

Azure

IIS

APT GROUPS

Chollima

Lazarus Group

Operation C-Major

RANSOMWARE

AnDROid

Entropy

Korean

Zlader

MALWARE

BeaverTail

Dark

Entropy

Hook

Leverage

MITRE ATT&CK

T1003

T1053

T1059

T1105

T1190

COUNTRIES

North Korea

DOMAINS

Cisco.com

ARTICLE INFORMATION

Article #8724

Published 20 hours ago

GB Hackers

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Risky Bulletin: Russia's war on foreign software continues

SonicWall Probes Potential Zero-Day After Ransomware Hits

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies