APT / THREAT GROUP
PL
1
aliases
Intelligence Profile
ransomware
Threat Analysis
PL is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning PL
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
The Hacker News· Jul 3, 2026
ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
BleepingComputer· Jul 3, 2026
Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts
Malwarebytes Labs· Jul 3, 2026
Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation
Infosecurity Magazine· Jul 3, 2026
Agentic AI Used to Conduct Ransomware Attack via Langflow
SecurityWeek· Jul 3, 2026
Medtronic Data Breach Impacts 3.8 Million People
SecurityWeek· Jul 3, 2026
PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
The Hacker News· Jul 3, 2026
Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
BleepingComputer· Jul 2, 2026
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
PL
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.