Security News DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea TheHackerNews Daniel Bender 06 Apr 2026 DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data exfiltration.
