North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware

Thursday, May 7, 2026 at 12:12 AM UTC·Source: The Record

Updated: Wednesday, May 6, 2026 at 01:00 AM UTC

Executive Summary

Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame.

Analysis

Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame.

Source Attribution

Originally published by The Record on May 7, 2026.

Related Threats

MEDIUMApt

Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say

Moscow’s agents are building fake companies, recruiting middlemen and deploying cyber spies and hackers who gather information that could be used to attack key infrastructure. The post Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say appeared first on SecurityWeek .

14h agoSecurityWeek

MEDIUMApt

Name That Toon: Mark of (Cybersecurity) Progress

As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades.

1d agoDark Reading

LOWApt

Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems

Two arbitrary code execution vulnerabilities in Notepad++ let local attackers run commands of their choice on Windows machines by tampering with the editor’s XML configuration files, with both flaws rated High at CVSS 7.8. The flaws, tracked as CVE-2026-48778 and CVE-2026-48800, affect every version of the editor up to and including 8.9.6, Notepad++ said in a release note . However, the vulnerabil

CVE-2026-48778CVE-2026-48800

1d agoCSO Online