A group of more than two dozen malicious npm packages used to steal secrets and credentials from software developers has all the hallmarks – from infrastructure to operations – of Famous Chollima, the North Korean nation-state actor linked to the ongoing high-profile Contagious Interview scam. Threat researchers with Socket and Kieran Miyamoto of the DPRK […]
N. Korea Contagious Interview Campaign Turns to VS Code to Deliver Backdoor
Jamf security researchers said state-sponsored espionage actors are using malicious VS Code projects to steal information.