North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Updated on November 14, 2025

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads.
“The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure,” NVISO researchers Bart Parys, Stef…

Read the rest of the story at Read More

Source: The Hacker News

June 9, 2025 Uncategorized

Think Your IdP or CASB Covers Shadow IT?...

October 15, 2025 Uncategorized

How Attackers Bypass Synced Passkeys

September 28, 2024 Uncategorized

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Related posts

Think Your IdP or CASB Covers Shadow IT?...

How Attackers Bypass Synced Passkeys

Crypto Scam App Disguised as WalletConne...

Leave a Comment Cancel reply

Recent News

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide