67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform. North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/north-korea-floods-npm-registry-malware-a-28990
