North Korean hackers bug software used by thousands of US companies in potential crypto heist attempt
CNN • • business
Key Points:
- Suspected North Korean hackers compromised the open-source software Axios, used by thousands of US companies, in a supply-chain attack lasting three hours, potentially affecting numerous sectors including healthcare, finance, and cryptocurrency firms.
- The hackers sent malicious updates through the developer's account, prompting a response to regain control and assess damage, with experts warning the recovery and impact assessment could take months.
- Mandiant, a Google-owned cyber-intelligence firm, attributed the attack to a North Korean group aiming to steal cryptocurrency to fund the regime's nuclear and missile programs.
- This incident follows a pattern of North Korean cyberattacks targeting software providers and cryptocurrency firms, with the regime reportedly funding about half of its missile program through such digital heists.
- Security experts highlighted the risks posed by unchecked software development practices and the broader vulnerability of the software supply chain in the current AI-driven development environment.
![Pixel 11 Pro is thinner, but mostly the same in first leak [Gallery]](https://media-cdn.cashwalklabs.io/https%3A%2F%2Fi0.wp.com%2F9to5google.com%2Fwp-content%2Fuploads%2Fsites%2F4%2F2026%2F03%2Fgoogle-pixel-11-pro-onl-2.webp%3Fresize%3D1200%252C628%26quality%3D82%26strip%3Dall%26ssl%3D1?format=webp&w=120&h=80){kind=tracking}
