CybersecurityJuly 5, 2026· via The Hacker News

North Korean hackers flood repositories with 108 malicious packages

North Korean hackers flood repositories with 108 malicious packages

Image : The Hacker News

A fresh wave of supply-chain attacks is washing over open-source ecosystems, as North Korean hackers unleash 108 malicious packages and browser extensions across npm, Packagist, Go and the Chrome Web Store. The ongoing PolinRider campaign remains active, with the threat actors steadily compromising maintainer accounts to plant their malicious code.

A widening net across ecosystems

The attackers have diversified their delivery channels, embedding harmful payloads not only in JavaScript packages on npm and PHP libraries on Packagist, but also in Go modules and Chrome extensions. Each compromised package or extension can silently exfiltrate sensitive data or deliver additional malware once installed by unsuspecting developers and users.

How the campaign stays under the radar


Source: The Hacker News. AI-assisted editorial synthesis — TechnoExpress.

Read the original source on The Hacker News →

← Back to home