North Korea-linked hackers hide phishing command traffic inside GitHub in new LNK attacks

A newly disclosed cyber campaign tied to North Korea-linked threat activity uses Windows shortcut files, or LNK files, to target organizations in South Korea while hiding attacker traffic inside GitHub. FortiGuard Labs says the operation relies on multi-stage scripts, decoy PDF files, and GitHub-hosted infrastructure to keep command traffic and stolen data blended into normal […] The post North Korea-linked hackers hide phishing command traffic inside GitHub in new LNK attacks appeared first on VPN Central.