Resources

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads.
“The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure,” NVISO researchers Bart Parys, Stef

Related resources

28 November 2025

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain […]

5 September 2025

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE-2025-42957 (CVSS score: […]

14 April 2026

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the […]

Upcoming Speaking Engagements

Friday Squid Blogging: Pilot Whales Eat a Lot of Squid

Resources

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Related resources

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us