Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 Read more…

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can Read more…

Cryptocurrency Hacks

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks Nov 30, 2023NewsroomCryptocurrency / Cyberattacks Threat actors from the Democratic People’s Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. Read more…