DPRK hackers have successfully stolen approximately $137 million from users of the Tron blockchain. The attack involved sophisticated phishing techniques and targeted the platform's infrastructure, highlighting ongoing security vulnerabilities in cryptocurrency networks.

Slow Pisces, a North Korean state-sponsored threat group, has stolen over $1 billion from the cryptocurrency sector in 2023 by targeting developers through disguised job offers on LinkedIn. They use malware hidden within coding challenges and have been linked to significant thefts from cryptocurrency companies, prompting action from GitHub and LinkedIn to remove malicious accounts. The malware employs advanced techniques like YAML deserialization to evade detection and execute additional payloads.

The official Stellar Blade account on the platform X was hacked, leading to unauthorized posts promoting a fake token and phishing schemes. Users were warned against engaging with the posts, which falsely promised airdrops and in-game rewards. The Stellar Blade team is working on recovering the account and advised the community to remain cautious.

Threat actors have exploited SourceForge to distribute fake Microsoft Office add-ins that install malware, including cryptocurrency miners and clipboard hijackers, on victims' computers. Over 4,600 systems, primarily in Russia, have been affected by this campaign, which involved deceptive project pages mimicking legitimate tools. Users are advised to download software only from trusted sources and verify files before execution.