Cybersecurity researchers have uncovered North Korea-linked npm packages involved in the Contagious Interview campaign, which targets developers through social engineering. The campaign employs malicious packages containing loaders and payloads like BeaverTail and InvisibleFerret to steal data and establish remote access.
Key points
- 35 malicious npm packages have been linked to the North Korean Contagious Interview operation.
- The packages contain HexEval loaders that deliver malware such as BeaverTail and InvisibleFerret.
- The campaign mainly targets software developers using fake job offers and social engineering tactics.
- The malicious packages use nested payloads to evade static scanners and manual reviews.
- This sophisticated supply chain attack highlights evolving techniques by North Korean threat actors to compromise trusted ecosystems.
Read More: https://thehackernews.com/2025/06/north-korea-linked-supply-chain-attack.html