Ruby Jumper — Campaign Analysis & Threat Activity

Threat entity extracted from intelligence sources

Frequency
2
occurrences
First Seen
February 27, 2026
Last Seen
February 27, 2026

Ruby Jumper is a threat campaign tracked across 1 threat cluster and 2 intelligence report mentions on ThreatCluster. First observed February 27, 2026; most recent activity February 27, 2026.

Related Threat Clusters

  • APT37 Hackers Deploy Custom Malware Against Air-Gapped Systems

    North Korean threat group APT37 has initiated a campaign named Ruby Jumper, utilizing new custom malware to target air-gapped systems, which are typically isolated from the internet. This marks a significant advancement…

    10 articles · Updated February 27, 2026

Recent Intelligence Reports

  • APT37 hackers use new malware to breach air — Bleepingcomputer · February 27, 2026
  • North Korean APT37 Hackers Leverages Novel Malware to Infect Air‑Gapped Systems — Cybersecuritynews · February 27, 2026

CVSS v3.1 Breakdown