New DPRK Interview Campaign Leverages Fake Fonts to Deploy Malware

The Lazarus Group has initiated a Fake Font campaign, a sophisticated supply chain attack targeting software developers through fake job interviews and malicious GitHub repositories. This campaign employs fake font files to deploy the InvisibleFerret malware, designed to steal sensitive information and gain long-term access to compromised systems.