North Korean Hackers Targeting Developers with Malicious npm Packages
February 26, 2024 at 07:39AM Fake npm packages linked to North Korean state-sponsored actors were discovered on the Node.js repository, posing a software supply chain attack. The malicious packages, posing as legitimate ones, installed cryptocurrency and credential stealers. The attackers made efforts to conceal the code and made connections to North Korean threat actors. Vigilance … Read more