North Korean Lazarus Group Now Working With Medusa Ransomware
ID: 847c8a3f-3fab-50af-a878-f1e56f110092
STIX ID: report--847c8a3f-3fab-50af-a878-f1e56f110092
Feed Name: security.com
North Korean state-backed Lazarus actors (including Stonefly/Andariel) have been observed using the Medusa ransomware, which is operated as ransomware-as-a-service (RaaS), in extortion campaigns targeting U.S. healthcare and other organizations. The report describes associated tooling (Comebacker, Blindingcan, ChromeStealer, Mimikatz, RP_Proxy, etc.), links to prior indictments, and provides numerous IOCs (file hashes, IPs, domains) and mitigation guidance.
