An ostensibly innocuous package for validating Google Gemini tokens manifested within the npm repository, yet beneath its rudimentary facade lurked a sophisticated instrument of subversion capable of compromising a developer’s environment. On March 20,...
North Korean cyber-adversaries are endeavoring to surreptitiously supplant the MetaMask cryptocurrency wallet extension directly upon a victim’s workstation—an operation which, if executed successfully, remains ostensibly imperceptible to the user. This stratagem was delineated within...
The North Korean threat collective PurpleBravo has, for over a year, orchestrated a sophisticated and targeted offensive designated as Contagious Interview. This campaign utilizes fraudulent recruitment processes to assault enterprises across Europe, Asia, the...
North Korea’s Contagious Interview malware campaign continues to escalate its pressure on the JavaScript-development ecosystem. Threat actors affiliated with DPRK hacking units are massively uploading malicious packages to the npm repository, disguising spyware distribution...
