DevSecOps company Phylum says that North Korean hackers have returned to uploading malicious packages on npm. They previously ran similar campaigns in November 2023 and January this year.
The latest campaign expands its targeting to macOS devices in addition to Windows.
Chinese security firm QiAnXin previously linked the campaign to the Lazarus Group.


Source: Phylum Research, "Nation-State Threat Actors Renew Publications to npm"