The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...
The Hacker News

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

APT37 hackers use new malware to breach air-gapped networks

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

Microsoft warns of malware campaign with gaming tools

Microsoft warns of a campaign on chat platforms where attackers slip malware to victims as supposed gaming tools.