Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
The Kimsuky threat group based in North Korea is using a malicious browser extension to steal email from active user sessions in Chrome and Edge.
U.S. authorities seized a half million dollars and disrupted the activities of a North Korean state-sponsored group.
The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.
North Korean government-backed actors are using the new Maui ransomware to target health care organizations, CISA says.