Lazarus Group Strikes Again: Npm Packages Weaponized in Supply Chain Attack

The Chinese cybersecurity firm QiAnXin has identified a new campaign by the Lazarus group, which employs npm packages to launch supply chain attacks through a multi-tiered loading method to conceal the traces of their...