Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access.
The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC).
"In some systems, initial access was gained through



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/04/kimsuky-exploits-bluekeep-rdp.html