North Korea is a country tracked across 50 threat clusters and 1130 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity July 17, 2026.
Google has issued an emergency update to address a high-severity zero-day vulnerability, CVE-2025-13223, in its Chrome browser. This flaw, linked to the V8 JavaScript engine, allows attackers to execute arbitrary code…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
A sophisticated backdoor malware named Firestarter has been discovered on Cisco Firepower devices, attributed to the state-sponsored threat actor UAT-4356. The malware exploits two vulnerabilities, CVE-2025-20333 and…
In recent months, cyber warfare has intensified due to rising geopolitical tensions, particularly involving North Korea, Iran, and Russia. North Korean hackers have infiltrated U.S. companies by embedding operatives as…
The Lazarus Group, a North Korea-linked cybercrime organization, has intensified its operations against financial and cryptocurrency sectors using a sophisticated fileless Remote Access Trojan (RAT) called RemotePE.…
Russian cyber group APT28, also known as Fancy Bear, has been exploiting vulnerabilities in TP-Link and MikroTik routers to conduct large-scale DNS hijacking operations. This campaign, which has affected over 18,000…
On May 5, 2026, Ripple announced it will share internal threat intelligence regarding North Korean hackers with Crypto ISAC, aimed at enhancing security across the cryptocurrency industry. This initiative follows a…
On April 18, 2026, Kelp DAO suffered a significant cyberattack attributed to North Korea's Lazarus Group, resulting in the theft of approximately 116,500 rsETH tokens worth $292 million. The attackers exploited a…
Following a $285 million hack attributed to North Korean hackers, the Solana Foundation has launched two security initiatives, STRIDE and SIRN, to enhance the security of its DeFi ecosystem. STRIDE is a tiered security…
Kelp DAO experienced a significant security breach on April 16, 2026, resulting in the loss of $292 million due to an exploit in the LayerZero ecosystem. Attackers, believed to be associated with North Korea's Lazarus…