Sonatype’s automated detection systems have uncovered an expansive and ongoing infiltration of the global open-source ecosystem by the notorious Lazarus Group, a threat actor believed to be backed by North Korea’s Reconnaissance General Bureau. Between January and July 2025, Sonatype identified and blocked 234 malicious software packages deployed through both the npm and PyPI open-source […] The post Lazarus Hackers Weaponize 234 npm and PyPI Packages to Infect Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/lazarus-hackers-weaponize-234-npm-and-pypi-packages/
