Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2026/04/29 2:43 p.m.10 views

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model LLM. The package in question is "@validate-sdk/v2," which is listed on npm as a utility software development kit SDK...

6.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/10/16 10:0 a.m.7 views

BeaverTail and OtterCookie evolve with a new Javascript module

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea DPRK. This group is known for impersonating hiring organizations to target job seekers, tricking them into installing information-stealing malware to obtain cryptocurrency and user credential...

8.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/06/18 10:0 a.m.25 views

Famous Chollima deploying Python version of GolangGhost RAT

In May 2025, Cisco Talos identified a Python-based remote access trojan RAT we call "PylangGhost," used exclusively by a North Korean-aligned threat actor. PylangGhost is functionally similar to the previously documented GolangGhost RAT, sharing many of the same capabilities. In recent campaigns,...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:25 a.m.20 views

North Korean Hackers Target Developers with Malicious npm Packages

Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27,...

7.3AI score
Exploits0
Rows per page
Query Builder