North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
First seen on hackread.com
Jump to article: hackread.com/unc1069-node-js-maintainer-fake-linkedin-slack-profile/
