Security News > 2025 > January > PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
2025-01-22 08:49
A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. "The attackers replaced the legitimate installer with one that also deployed the group's signature implant that we have named SlowStepper – a
News URL
https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html
Related news
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- SonicWall SMA VPN devices targeted in attacks since January (source)
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack (source)
- Ripple NPM supply chain attack hunts for private keys (source)
- SonicWall warns of more VPN flaws exploited in attacks (source)
- Magento supply chain attack compromises hundreds of e-stores (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- SonicWall urges admins to patch VPN flaw exploited in attacks (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- RVTools hit in supply chain attack to deliver Bumblebee malware (source)