North Korea-linked WaterPlum used new StoatWaffle malware in VSCode supply chain campaign

A North Korea-linked threat cluster known as WaterPlum has started using a new malware family called StoatWaffle in a supply chain-style campaign that abuses Visual Studio Code project workflows. Research published on March 17 says the malware appeared in blockchain-themed repositories rigged to execute automatically when a developer opened the folder in VS Code and […] The post North Korea-linked WaterPlum used new StoatWaffle malware in VSCode supply chain campaign appeared first on VPN Central.