Malicious Package

Overview @validate-ethereum-address/core is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...

Malicious Package

Overview graphbase-js is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview golangorg/logkit is a malicious package. This package is the part of North Korea’s Contagious Interview Campaign and contains malicious payload, weaponised to steal credentials, wallets, and enable remote access to affected systems. The package attempts to mimic a legitimate package and...

North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have...

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview aka DeceptiveDevelopment refers to a persistent attack campaign that employs social engineering lures, with the hacking crew...