Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

March 17, 2026
No Comments

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim’s KakaoTalk desktop application to distribute malicious payloads to certain contacts.
The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni.
“Initial access was achieved through a spear-phishing email disguised as a

Leave a Reply Cancel reply

ShinyHunters Claims It Stole 1PB of Data from TELUS Digital March 17, 2026
TELUS Digital has fallen victim to a security incident in which unsanctioned actors accessed its systems. Upon learning of this incident, the company said it took immediate action to resolve it and prevent any future breaches of its systems and environment. “All business operations within TELUS Digital remain fully operational, and there is no evidence of […]
Kirsten Doyle
Why OSINT deserves the same status as other intelligence disciplines March 17, 2026
Open source intelligence (OSINT) still sits outside the intelligence mainstream. If you’re not acquainted with the intelligence profession, you might not have come across the term at all. OSINT is the targeted collection and analysis of publicly available or licensable data to generate actionable intelligence. The discipline is a critical tool for combating crime and […]
Chris P.
A Latte Trouble: Starbucks HR Accounts Hit in Credential Theft Incident March 16, 2026
Starbucks has disclosed a data breach attackers gained access to hundreds of employees’ Starbucks Partner Central accounts, which are used for managing employment information, personal data, benefits, and HR information. In a letter sent to affected staff members, the company said: “On or about February 6, 2026, Starbucks Corporation (“Starbucks” or “we”) became aware of potential unauthorized access […]
Kirsten Doyle
The AI Doomsday Clock: When AI Becomes a Business Dependency, Not a Tool March 16, 2026
Most conversations about AI in business start with the wrong question of “Can AI do the job?” It is entirely the wrong place to start. The real question for leadership is quieter but vastly more important…“Will this platform still exist, function, and be supportable when the AI bubble shifts?” Right now, many organizations are not […]
Gene Moody
Researchers Show How “AI Judges” Can Be Tricked Into Approving Harmful Content March 13, 2026
Security researchers have demonstrated how a growing class of AI safety controls (known as AI judges) can be manipulated into approving content they are supposed to block. In new research published by cybersecurity firm Palo Alto Networks’ threat intelligence team Unit 42, analysts describe how automated “fuzzing” techniques can uncover hidden weaknesses in the large language models that many organizations […]
Kirsten Doyle
Cutting Into Overtime, Not Corners: How Network Automation Drives Business Value March 13, 2026
“You’re cutting into my overtime. But if I can schedule upgrades to happen overnight and sleep better, I’m in!” This is what a network engineer recently told me as I was discussing network automation. Network infrastructure owners I speak with are looking for ways to maximize the value from their investments. Meanwhile, their teams are […]
Irfahn Khimji
Iranian Hacktivists Claim Attack on US Medtech Firm Stryker March 12, 2026
Stryker, a global medical technology company based in Michigan, has fallen victim to a data-wiping attack. A hacktivist group affiliated with Iran’s intelligence services is claiming responsibility for the incident. Reports coming from Ireland, Stryker’s largest base outside of the US, indicated that the company had sent home over 5,000 workers. Also, a voicemail message left on Stryker’s […]
Kirsten Doyle
ShinyHunters Claims Responsibility for Widespread Salesforce Data Theft March 11, 2026
Salesforce has warned customers that it has identified a campaign in which threat actors are exploiting customers’ overly permissive guest user settings to potentially access more data than targeted businesses intended. “Evidence indicates the threat actor is leveraging a modified version of the open-source tool Aura Inspector (originally developed by Mandiant) to perform mass scanning of public-facing Experience Cloud sites,” the statement read. Although the original Aura […]
Kirsten Doyle
Meta’s Smart Glasses Privacy Scandal Expands After Sama Credentials Found on the Dark Web March 10, 2026
A privacy controversy surrounding Meta Platforms’ Ray-Ban smart glasses has taken a new turn after security researchers uncovered dozens of exposed credentials linked to the company’s data-annotation contractor. Last week, Swedish outlets Svenska Dagbladet and Göteborgs-Posten reported that footage captured by Meta’s smart glasses (developed with Ray-Ban) was being reviewed by human annotators working for outsourcing firm Sama. According […]
Kirsten Doyle
Your Secret Scanner Has a Blind Spot: Here’s How to Fix It March 10, 2026
Every penetration tester has had the moment. You are two days into an engagement, sifting through cloned repositories and intercepted HTTP responses, and a hardcoded AWS key appears in a config file that has been sitting in version control for months. Nobody rotated it. Nobody noticed. And when you validate it, the key is still […]
Michael Weber, Noah Tutt and Zach Grace

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

Leave a Reply Cancel reply

[email protected]

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

Share :

Leave a Reply Cancel reply