cybersecurity

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Source: feeds.feedburner.com 1 min read

Share

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

You are reading a summary. The full content is hosted on feeds.feedburner.com.

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, and

Read the full article on the original website

External link to feeds.feedburner.com

Related Articles