Lazarus Group is a apt_group tracked across 50 threat clusters and 224 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity July 16, 2026.
The Lazarus Group, a North Korea-linked cybercrime organization, has intensified its operations against financial and cryptocurrency sectors using a sophisticated fileless Remote Access Trojan (RAT) called RemotePE.…
On May 5, 2026, Ripple announced it will share internal threat intelligence regarding North Korean hackers with Crypto ISAC, aimed at enhancing security across the cryptocurrency industry. This initiative follows a…
On April 18, 2026, Kelp DAO suffered a significant cyberattack attributed to North Korea's Lazarus Group, resulting in the theft of approximately 116,500 rsETH tokens worth $292 million. The attackers exploited a…
Kelp DAO experienced a significant security breach on April 16, 2026, resulting in the loss of $292 million due to an exploit in the LayerZero ecosystem. Attackers, believed to be associated with North Korea's Lazarus…
During the G7 Summit in Évian-les-Bains from June 15 to 17, 2026, world leaders focused on North Korean cybercrimes, particularly cryptocurrency thefts. They reported that North Korean hacking groups stole approximately…
The North Korean hacking group Kimsuky is utilizing generative AI to create malware aimed at South Korean government systems, as reported by Kaspersky on May 14, 2026. The malware, named HelloDoor, is a Rust-based…
Bitrefill, a crypto e-commerce platform, disclosed a cyberattack that began on March 1, 2026, attributed to North Korea's Lazarus Group. The breach started with a compromised employee laptop, allowing attackers to…
North Korea's BlueNoroff group is executing a sophisticated campaign against cryptocurrency executives, utilizing fake Zoom meetings enhanced with AI-generated avatars and stolen video footage. The attacks primarily…
Malaysia's cyber threat landscape is experiencing a structural shift due to rapid digital growth and geopolitical factors, making it a prime target for cyber attacks. A report from Cyfirma indicates that state-backed…
On March 22, 2026, President Donald Trump issued a 48-hour ultimatum to Iran, threatening to 'obliterate' its power plants if the Strait of Hormuz is not fully reopened. This comes as Iran launched missile attacks on…