cybersecurity
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
Source:
feeds.feedburner.com 1 min read
Share
You are reading a summary. The full content is hosted on feeds.feedburner.com.
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, and
Read the full article on the original website
External link to feeds.feedburner.com
Related Articles
cybersecurity
JadePuffer ransomware used AI agent to automate entire attack
1 min read •
cybersecurity
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
1 min read •
cybersecurity
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
1 min read •
