The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Arabian Post

GitHub shortcut ruse hits South Korean networks

Earlier variants used simple obfuscation to hide GitHub addresses and access tokens, while later samples shifted to decoding routines inside the shortcut arguments, suggesting the operators have ...
Infosecurity Magazine

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...
Arabian Post

GitHub channel masks malware stages

GitHub has been drawn into another cyber threat case after researchers uncovered a multi-stage malware campaign using ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...