Defense and manufacturing organizations across South Korea have been subjected to attacks deploying the new Xctdoor malware through a hacked South Korean enterprise resource planning software update server, echoing a technique previously leveraged by North Korean state-sponsored advanced persistent threat operation and Lazarus Group sub-cluster Andariel to facilitate the delivery of the HotCroissant and Riffdoor…

Read More