dprk
Safeguard articles tagged "dprk" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Hugging Face as Malware CDN and Exfiltration Backend: The DPRK-Linked npm Campaign of May 2026
OX Security disclosed a DPRK-aligned campaign that abused Hugging Face as a malware host and data-exfiltration backend, using public repos to serve second-stage payloads and private datasets to receive stolen developer secrets.
Lazarus Financial Sector Campaigns 2024-2025
Lazarus Group's 2024-2025 financial sector campaigns combined exchange compromises, DeFi exploits, and developer social engineering. Here is what defenders must know.
Developer Social Engineering Campaigns 2024-2025
State-aligned and financially motivated actors now target individual developers with bespoke social engineering. Here is the tradecraft and what engineering leaders must do.
Kimsuky Developer Targeting Analysis
Kimsuky has pivoted from diplomats to developers. A look at the tradecraft behind its supply-chain-flavored operations and what engineering orgs should do about it.
Lazarus Group Software Supply Chain Campaigns
A field analyst's look at how North Korea's Lazarus Group has turned software supply chains into a strategic weapon, from 3CX to npm.