{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifljvrtqisjyk3a4imh2pnka6k2sp7vhhtlr3io366hp267anwq6e",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mit2lnfz7en2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiexizfqeapw3mxz4liaccqoftj7ndzw6metq2dzloqotzkt4etnky"
    },
    "mimeType": "image/webp",
    "size": 90088
  },
  "path": "/north-korea-linked-hackers-hide-phishing-command-traffic-inside-github-in-new-lnk-attacks/",
  "publishedAt": "2026-04-05T18:13:58.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "North Korea-linked hackers hide phishing command traffic inside GitHub in new LNK attacks",
    "VPN Central"
  ],
  "textContent": "A newly disclosed cyber campaign tied to North Korea-linked threat activity uses Windows shortcut files, or LNK files, to target organizations in South Korea while hiding attacker traffic inside GitHub. FortiGuard Labs says the operation relies on multi-stage scripts, decoy PDF files, and GitHub-hosted infrastructure to keep command traffic and stolen data blended into normal […]\n\nThe post North Korea-linked hackers hide phishing command traffic inside GitHub in new LNK attacks appeared first on VPN Central.",
  "title": "North Korea-linked hackers hide phishing command traffic inside GitHub in new LNK attacks"
}