Threats

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

April 6, 2026 · 3 min read

Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea. The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows shortcut (LNK) files acting as the starting point to drop a decoy PDF

This article was originally reported by The Hacker News. Read the full article on their site.

Source: The Hacker News

Powered by ZeroBot

Protect your website from bots, scrapers, and automated threats.

Try ZeroBot Free

Related Articles

Threats

The Ransomware Landscape in 2026: What Has Changed

Ransomware continues to evolve at an alarming pace. From AI-powered attack chains to the decline of ransom payments, we examine the trends reshaping the threat landscape in 2026.

Apr 6, 2026 9 min read
Threats

Supply Chain Attacks: The Growing Threat to Software Security

Supply chain attacks have surged dramatically, targeting the trust relationships between software vendors, open-source ecosystems, and end users. We examine the evolving threat landscape and strategies for defense.

Mar 30, 2026 9 min read