Tagged: Developer Security

Lazarus Group Moobot botnet Ransomware War

August 5, 2025

Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets

In the first half of 2025, Sonatype uncovered a large-scale, ongoing assault on the open-source software ecosystem, orchestrated by the North Korean threat actor known as Lazarus. Sonatype’s automated malware detection systems were the...

Cybercriminals

July 25, 2025

npm Supply Chain Attack Exposes Devs to “Scavenger” Malware Via Phished Accounts

A major incident has rocked the npm ecosystem: the widely-used package eslint-config-prettier suddenly received an update devoid of any corresponding changes on GitHub. Developers quickly grew suspicious—and with good reason. The package’s maintainer later...

Tagged: Developer Security

Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets

npm Supply Chain Attack Exposes Devs to “Scavenger” Malware Via Phished Accounts

Search

Brilliantly

Content & Links