North Korean hackers linked to a state-sponsored espionage group, APT37, have been discovered infiltrating Google’s Play Store with Android malware “KoSpy”. The malware targets Korean and English-speaking users and collects extensive data, such as location information and call logs from compromised devices. With a two-stage command and control infrastructure, it is designed to maintain persistence for extended periods. The malicious apps have since been removed from the Play Store.

AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware
Tenable Research has revealed that open-source AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware. Initially refusing to write malicious code, researchers