5 matches found
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
In this article 1. Sapphire Sleet’s campaign lifecycle 2. Defending against Sapphire Sleet intrusion activity 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise Executive summary Microsoft Threat Intelligence uncovered a macOS‑focused cyber campaign by the North Kore...
Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
In this article 1. Sapphire Sleet’s campaign lifecycle 2. Defending against Sapphire Sleet intrusion activity 3. Microsoft Defender detection and hunting guidance 4. Indicators of compromise Executive summary Microsoft Threat Intelligence uncovered a macOS‑focused cyber campaign by the North Kore...
Mitigating the Axios npm supply chain compromise
In this article 1. Analysis of the attack 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Indicators of compromise 5. Hunting queries On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP...
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters...
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent...