Safeguard
Tag

north-korea

Safeguard articles tagged "north-korea" — guides, analysis, and best practices for software supply chain and application security.

7 articles

Threat Intelligence

ESET's May 2026 APT Report: Oil Shipments, Drone Makers, and a Poisoned npm Library

ESET's APT Activity Report (May 28, 2026) maps China-, North Korea-, Russia-, and Iran-aligned operations from October 2025 to March 2026 — including BlueNoroff's compromise of the axios npm package, a textbook supply-chain espionage event.

May 28, 202610 min read
Threat Intelligence

Nation-State Actors Operationalize AI: Inside GTIG's May 2026 Threat Tracker

Google's Threat Intelligence Group documented China, North Korea, Russia, and Iran moving AI from experiment to operations in May 2026 — AI-assisted vulnerability research, LLM-enabled malware, and obfuscated model-access infrastructure.

May 13, 202611 min read
Threat Intelligence

North Korean Threat Actors Flood npm with Malicious Packages

In 2024, DPRK-linked groups dramatically escalated their campaign to compromise developers through malicious npm packages, using fake job offers and typosquatting to deploy infostealers and backdoors.

Sep 1, 20246 min read
Industry Analysis

Labyrinth Chollima and Open Source Targeting

Labyrinth Chollima's operations show a specific pattern — poisoned open source packages as initial access. A profile of the tradecraft and the defensive response.

Aug 28, 20246 min read
Supply Chain Attacks

JumpCloud Supply Chain Attack: North Korea's Lazarus Group Strikes Again

How North Korean threat actors compromised JumpCloud's infrastructure to target cryptocurrency firms through a sophisticated supply chain attack in July 2023.

Jul 12, 20235 min read
Incident Analysis

3CX Desktop App: Anatomy of a Cascading Breach

How a Trading Technologies installer from 2022 poisoned the 3CX build pipeline in 2023, producing the first publicly confirmed cascading supply chain attack.

Apr 5, 20235 min read
Cryptocurrency Security

Ronin Network Hack: $625 Million Stolen from Axie Infinity's Blockchain Bridge

North Korean hackers stole $625 million from the Ronin Network bridge powering Axie Infinity, exploiting compromised validator keys in what became the largest DeFi hack in history at the time.

Mar 29, 20226 min read
north-korea — Safeguard Blog