URL has been copied successfully!
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/07/north-korea-linked-npm-packages-mimic.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link