TI Mindmap HUB
Threat Intelligence Report

Inside DPRK Operations: New Lazarus and Kimsuky Infrastructure Uncovered Across Global Campaigns

📅 December 19, 2025 📰 hunt.io 🔍 1 CVE(s) referenced

North Korean threat actors Lazarus and Kimsuky are operating a globally interconnected infrastructure—reusing open directories, credential theft toolkits, FRP tunnels, and certificates—that reveals consistent, trackable patterns across their espionage and financial campaigns.

vendor
CVE-2025-55182

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle