North Korea

Inside Lazarus: How North Korea uses AI to industrialize attacks on developers

North Korea's HexagonalRodent APT weaponized mainstream generative AI tools (Cursor, ChatGPT) to automate social engineering and supply chain attacks targeting developers—stealing $12M in cryptocurrency while compromising the fast-draft VSCode extension.

Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor

UK National Cyber Security Centre CEO warns that China now represents a peer-level competitor in cyberspace with sophisticated state-sponsored attacks, citing an average of four nationally significant incidents per we...

North Korea hackers blamed for $290M crypto theft

State-sponsored North Korean hackers exploited LayerZero's cross-chain bridge to steal $290M from Kelp DAO, exposing how DeFi infrastructure vulnerabilities attract systematic geopolitical threats.

Fraudulent Cryptocurrency App in Mac App Store Stole $9.5 Million From 50-Some Users

$285M Drift Protocol exploit using durable nonces and social engineering reveals Circle's inability to freeze stolen USDC, exposing stablecoin governance centralization risks.

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

March 2026 supply chain attacks poisoned Trivy and Axios via social engineering, stealing secrets from tens of thousands of organizations across development pipelines and cloud environments with planned follow-up exploitation.