Key Findings North Korean threat actors behind the Contagious Interview campaign have adopted a new tactic of using JSON storage services to host and deliver malware. The campaign involves approaching targets on professional networking sites under the pretext of a job assessment or project collaboration, instructing them to download a demo project hosted on platforms like GitHub, GitLab, or Bitbucket. In one such project, a file named "server/config/.config.env" contains a Ba
