"Github를 공격 인프라로 악용하는 Kimsuky의 최신 국내 공격 사례 분석" published by ENKI. #Kimsuky, #XenoRAT, #DPRK, #CTI https://www.enki.co.kr/media-center/blog/dissecting-kimsuky-s-attacks-on-south-korea-in-depth-analysis-of-github-based-malicious-infrastructure

"Dissecting Kimsuky's Attacks on South Korea: In-Depth Analysis of GitHub-Based Malicious Infrastructure" published by ENKI. #Kimsuky, #XenoRAT, #DPRK, #CTI https://www.enki.co.kr/en/media-center/tech-blog/dissecting-kimsuky-s-attacks-on-south-korea-in-depth-analysis-of-github-based-malicious-infrastructure

"LETS BURN SOME North Korean info" published by evstykas. #DPRK, #CTI https://archive.is/Zi4lf

"BitoPro Statement & Progress Update" published by BitoPro. #BitoPro, #Lazarus, #DPRK, #CTI https://www.bitopro.com/ns/en-US/announcements/1226

"김수키(Kimsuky)으로 추정이 되는 국민비서 경찰청 고지 안내 피싱 메일(2025.4.9)" published by Sakai. #Kimsuky, #Phishing, #DPRK, #CTI http://wezard4u.tistory.com/429515

"DPRK IT Worker-Related Account Takeover" published by Ketman. #ITWorker, #NPM, #DPRK, #CTI https://www.ketman.org/dprk-it-worker-related-account-takeover.html

"Inside the BlueNoroff Web3 macOS Intrusion Analysis" published by Huntress. #BlueNoroff, #macOS, #DPRK, #CTI https://www.huntress.com/blog/inside-bluenoroff-web3-intrusion-analysis

"Famous Chollima deploying Python version of GolangGhost RAT" published by CiscoTalos. #ClickFix, #FamousChollima, #PylangGhost, #DPRK, #CTI https://blog.talosintelligence.com/python-version-of-golangghost-rat/

"Kimsuky（APT-Q-2）组织近期 Endoor 恶意软件分析" published by Qianxin. #APT-Q-2, #Endoor, #DPRK, #CTI https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247515137&idx=1&sn=98a66e3565c09db9b5a0d0fc4674177b

"Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation" published by PaloaltoNetworks. #KimjongRAT, #LNK, #DPRK, #CTI https://unit42.paloaltonetworks.com/kimjongrat-stealer-variant-powershell/

"Kimsuky’s CHM and BabyShark Malware Using Cryptocurrency Theme" published by S2W. #BabyShark, #CHM, #Kimsuky, #DPRK, #CTI https://s2w.inc/en/resource/detail/852

"Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)" published by Ahnlab. #Kimsuky, #DPRK, #CTI https://asec.ahnlab.com/en/88465/

"May 2025 APT Group Trends (South Korea)" published by Ahnlab. #LNK, #DPRK, #CTI https://asec.ahnlab.com/en/88472/

"May 2025 APT Group Trends" published by Ahnlab. #Konni, #TA-RedAnt, #DPRK, #CTI https://asec.ahnlab.com/en/88473/

"김수키(Kimsuky)만든 허위 권리보호 작성하신 게시물이 게시중단 되어 안내 말씀 드립니다.피싱 메일 분석(2025.4.1)" published by Sakai. #Kimsuky, #Phishing, #DPRK, #CTI http://wezard4u.tistory.com/429512

"Malicious crypto-theft package targets Web3 developers in North Korean operation" published by Aikido. #NPM, #DPRK, #CTI https://www.aikido.dev/blog/malicious-package-web3

"2025년 5월 APT 공격 동향 보고서(국내)" published by Ahnlab. #LNK, #DPRK, #CTI https://asec.ahnlab.com/ko/88436/

"논문파일을 위장한 악성코드 유포 주의 (Kimsuky 그룹)" published by Ahnlab. #Kimsuky, #DPRK, #CTI https://asec.ahnlab.com/ko/88419/

"Lazarus: Is your best IT worker really a North Korean hacker?" published by Group-IB. #ITWorker, #Lazarus, #Podcast, #DPRK, #CTI https://podcasts.apple.com/us/podcast/lazarus-is-your-best-it-worker-really-a-north-korean-hacker/id1813334799?i=1000712386700

"Analysis of the Triple Combo Threat of the Kimsuky Group" published by Genians. #AppleSeed, #Kimsuky, #DPRK, #CTI https://www.genians.co.kr/en/blog/threat_intelligence/triple-combo