APT43, a notorious North Korean state-sponsored hacking group, has been actively targeting academic institutions worldwide, exploiting exposed credentials to gain unauthorized access. Cyfirma analysts detected that the group uses a variety of malware, including RftRAT, VENOMBITE, and DEEP#GOSU, to infiltrate systems.

Read more here.