Security · 3h ago
North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign
North Korean threat actors have published 108 malicious packages and browser extensions across npm, Packagist, Go, and Chrome as part of the ongoing PolinRider campaign. The activity, linked to the Contagious Interview campaign, involves compromising maintainer accounts to distribute malware. New malicious packages are expected to continue appearing as the campaign remains active.
Meridian48 take
The scale and persistence of this campaign underscore the growing sophistication of state-backed supply chain attacks, but the real test is how quickly package registries can detect and remove these threats.
Read the full reporting
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign →
The Hacker News
supply-chain-attacksnorth-korea