lazarus-group
Safeguard articles tagged "lazarus-group" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Lessons from the 3CX Attack: The First Supply Chain Attack Caused by Another
3CX shipped a trojanized version of its own softphone through official updates in 2023 — because an employee installed compromised trading software. Here is the cascade, and its lessons.
Lazarus Group Software Supply Chain Campaigns
A field analyst's look at how North Korea's Lazarus Group has turned software supply chains into a strategic weapon, from 3CX to npm.
JumpCloud Supply Chain Attack: North Korea's Lazarus Group Strikes Again
How North Korean threat actors compromised JumpCloud's infrastructure to target cryptocurrency firms through a sophisticated supply chain attack in July 2023.
3CX Supply Chain Attack: A Deep Dive into the North Korean Compromise
The 3CX supply chain attack was a multi-stage operation linked to North Korea's Lazarus Group. Here's the full technical breakdown.
Ronin Network Hack: $625 Million Stolen from Axie Infinity's Blockchain Bridge
North Korean hackers stole $625 million from the Ronin Network bridge powering Axie Infinity, exploiting compromised validator keys in what became the largest DeFi hack in history at the time.