South Korea’s state-run Korea Atomic Energy Research Institute (KAERI) says its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed VPN vendor. The think tank said it took steps to block the attacker’s IP addresses in question and applied necessary security patches to the solution. KAERI attributed the incident to a “mistake in the response of the working-level staff”
Source: https://thehackernews.com/2021/06/north-korea-exploited-vpn-flaw-to-hack.html