North Korea-linked threat actor WaterPlum has introduced a highly evasive new malware strain called StoatWaffle. Operating under the well-known “Contagious Interview” campaign, a specific subgroup, Team 8, has recently shifted its attacking tactics. Previously relying on the OtterCookie malware, this cluster began deploying StoatWaffle around December 2025. This sophisticated new attack vector specifically targets software […] The post WaterPlum Launches New StoatWaffle Malware via VSCode-Themed Attack appeared first on Cyber Security News.