Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Dissecting Kimsuky’s Attacks on South Korea: In-Depth Analysis of GitHub-Based Malicious Infrastructure | EnkiWhiteHat
Threat Actors
June 24, 2025
enki
A newly uncovered spearphishing campaign by North Korean threat actor Kimsuky has been active since March 2025, leveraging GitHub and Dropbox to distribute malware, including the open-source XenoRAT.
Read More
Kimsuky
Spearphishing Attack
Publisher
Previous
Ransomware gang says it hacked Dairy Farmers of America ...
Breaches and Incidents
Next
Analysis of TAG-140 Campaign and DRAT V2 Development Ta ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/5435_shutterstock_619957136.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/5c75_shutterstock_1705165948.jpg)
