Security News > 2023 > November > UK and South Korea: Hackers use zero-day in supply-chain attack

The attack started with compromising a media outlet's website to embed malicious scripts into an article, allowing for a 'watering hole' attack.
State-backed North Korean hacking operations consistently rely on supply chain attacks and the exploitation of zero-day vulnerabilities as part of their cyber warfare tactics.
In March 2023, it was discovered that "Labyrinth Chollima," a subgroup of Lazarus, conducted a supply chain attack against VoIP software maker 3CX to breach multiple high-profile companies worldwide.
Last Friday, Microsoft disclosed a supply chain attack on CyberLink that the Lazarus hacking group used to distribute trojanized, digitally-signed CyberLink installers to infect at least a hundred computers with the 'LambLoad' malware.
Microsoft: Lazarus hackers breach CyberLink in supply chain attack.
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs.
News URL
Related news
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks (source)
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)