South Korea is a country tracked across 50 threat clusters and 730 intelligence report mentions on ThreatCluster. First observed October 29, 2025; most recent activity July 17, 2026.
In 2025, cryptocurrency thefts have surged significantly, with over $2 billion stolen in just the first half of the year, marking a 17.27% increase compared to 2022. The ByBit hack, attributed to North Korean state…
Humanity Protocol has initiated a full token migration and airdrop of a new H token following a $36 million exploit on June 8, 2026. The previous H token has been sunsetted and replaced with a newly audited ERC-20…
Bauman Moscow State Technical University is revealed to host a secret department training students for the GRU, Russia's military intelligence. Leaked documents show that over 2,000 students have been trained in…
ESET researchers reported a supply-chain attack by the North Korean APT group ScarCruft, targeting a gaming platform in the Yanbian region of China. The attack, ongoing since late 2024, involved trojanizing both Windows…
On March 12, 2026, Zscaler ThreatLabz reported a campaign by the Tropic Trooper APT targeting Chinese-speaking individuals in Taiwan, Japan, and South Korea. The attack involved a malicious ZIP archive containing…
The China-aligned APT group Webworm has shifted its focus from Asia to Europe, targeting government organizations in Belgium, Italy, Poland, Serbia, and Spain during 2025. ESET researchers identified new backdoors,…
ESET's latest APT Activity Report reveals that from October 2025 to March 2026, China-aligned threat actors engaged in extensive espionage campaigns, particularly in Venezuela and the Gulf region. Following U.S.…
A sophisticated malware campaign targeting users in South Korea has been identified, utilizing malicious LNK files that leverage GitHub as a command and control (C2) infrastructure. The campaign, attributed to North…
The North Korean hacking group Kimsuky is utilizing generative AI to create malware aimed at South Korean government systems, as reported by Kaspersky on May 14, 2026. The malware, named HelloDoor, is a Rust-based…
North Korean hackers known as Kimsuky have launched a series of cyberattacks against South Korean military and corporate sectors during March and April 2026. The group utilized sophisticated social engineering tactics,…