Tag: github-c2

All the articles with the tag "github-c2".

• North Korea-Linked Hackers Use GitHub as C2 Infrastructure to Attack South Korea

  07 Apr 2026

  FortiGuard Labs has uncovered a new campaign by the North Korea-linked Kimsuky group using GitHub as Command-and-Control infrastructure. The multi-stage attack begins with phishing LNK files, employs heavy anti-VM and anti-analysis techniques, establishes persistence via scheduled tasks, and exfiltrates data to attacker-controlled GitHub repositories.