Topic: decoy documents
APT37 Breaches Air-Gapped Networks with New Malware
North Korean state-sponsored hackers (APT37) are using a novel toolkit called Ruby Jumper to breach sensitive air-gapped networks by exploiting removable USB drives as a covert bridge. The multi-stage infection begins with a malicious shortcut file and deploys a chain of tools, including the REST...
Urgent Windows Flaw CVE-2025-9491 Actively Exploited by Hackers
A critical Windows security flaw (CVE-2025-9491) is being actively exploited by hacking group UNC6384, enabling unauthorized code execution through malicious LNK files in spearphishing campaigns targeting European diplomatic and aviation entities. The exploitation involves a multi-stage malware c...
North Korean Hackers Exploit Seoul Intelligence Files
A sophisticated spear-phishing campaign, attributed to North Korean-linked APT37, targeted South Korean intelligence and government personnel using deceptively authentic documents as bait. The operation unfolded in two phases: one distributing a malicious file disguised as a trusted newsletter to...