Lazarus Group attacks take aim at software vendors for malware deployment

BleepingComputer reports that numerous software vendors have been subjected to attacks by North Korea's Lazarus Group from March to August that involved the exploitation of known software vulnerabilities for malware deployment, one of which was compromised multiple times, indicating an attempted software supply chain attack.

aim attack attacks august bleepingcomputer compromised deployment exploitation korea lazarus lazarus group malware march north north korea reports software software supply chain software supply chain attack software vendors software vulnerabilities supply supply chain supply chain attack threat intelligence vendors vulnerabilities