The attacks, which involved fake job offers as a social engineering lure, were likely aimed at stealing proprietary information about drone manufacturing, ESET said in a report.
The China-linked operation has grown from a phishing kit marketplace into an active and growing community supporting a decentralized large-scale phishing ecosystem.
A sign for the National Security Agency (NSA), U.S. Cyber Command and Central Security Service, is seen near the visitor’s entrance to the headquarters of the NSA at the entrance in Fort Meade, Maryland, February 14, 2018. (Photo by SAUL LOEB/AFP via Getty Images)
John Bolton, former national security adviser to President Trump, arrives home as the FBI searches his house August 22, 2025 in Bethesda, Maryland. The FBI conducted a court-authorized search of Bolton’s home. (Photo by Andrew Harnik/Getty Images)
In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)
Research from Cisco Talos and Google Threat Intelligence Group underscores the extent to which North Korea-aligned attackers attempt to avoid detection.
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services.
The vendor belatedly admitted the max-severity vulnerability was actively exploited weeks after researchers and officials confirmed as much independently.
