APT32 Targets Vietnamese Human Rights Group for Over Four Years with Cobalt Strike Beacons; North Korean Hackers Launch npm Attacks

A Vietnamese human rights organization has been the target of a multi-year cyberattack attributed to the hacking group APT32, also known as OceanLotus. The attacks, which have persisted for over four years, involved the use of spear-phishing tactics and the deployment of Cobalt Strike Beacons to compromise the organization's systems. Sensitive data, including Google Chrome cookies and personal information, has been stolen during this prolonged breach. In related cybersecurity concerns, researchers have reported watering-hole attacks exploiting vulnerabilities in Safari and Chrome, linked to Russian hacking group APT29, targeting Mongolian government sites. Additionally, North Korean hackers have initiated a new wave of attacks, including malicious npm package deployments aimed at developers, further highlighting the ongoing threats in the cybersecurity landscape.