Theregister
North Korean Intruders Target US Education and Healthcare Sectors
First seen 28 Feb 2026, 08:09 UTC
•
•98% similarity
•35.1
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Digital intruders with possible links to North Korea have been infecting the US education and healthcare sectors with a new backdoor since at least December 2025. Security researchers from Cisco Talos reported that several educational institutions, including a university connected to multiple others, have been compromised, indicating a broader attack surface.
ThreatCluster AI
Timeline
2025-12-01
Infections in US education and healthcare sectors began
2026-02-27
Initial reports published by The Register
2026-02-28
Further coverage and details released by The Register