North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which has made ...

North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL...

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 CVSS score: 7.8, which can permit an...