See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Donald Trump
Social Media
US Politics
Natural Disasters
Republican Party
Artificial Intelligence
Immigration
US Crime
Democratic Party
Education
Crime
Golf
Published loading...Updated

North Korean Hackers Release Malware-Ridden Packages Into Npm Registry

NORTH KOREA, JUL 15 – North Korean state-backed actors distributed 67 malicious npm packages with XORIndex malware, amassing over 17,000 downloads to steal developer credentials and cryptocurrency data.

Summary by Tech Radar
A second wave of tainted packages was spotted on npm, likely part of a larger campaign.

9 Articles

The Epoch TimesThe Epoch Times
Lean Right

Security Agencies Warn Canadians About Unknowingly Hiring Remote North Korean IT Workers

Canadian authorities have issued a warning about the dangers of hiring remote IT professionals who could be North Korean state-affiliated workers, posing as freelancers with a strong technical skill set and hiding their identity. A joint advisory was issued by the RCMP, Public Safety Canada, Global Affairs Canada, the Financial Transactions and Reports Analysis Centre of Canada, and the Canadian Centre for Cyber Security on July 16 warning Canad…

·New York, United States
Read Full Article
Tech RadarTech Radar
Center

North Korean hackers release malware-ridden packages into npm registry

A second wave of tainted packages was spotted on npm, likely part of a larger campaign.

·United Kingdom
Read Full Article
BleepingComputerBleepingComputer
Center

North Korean XORIndex malware hidden in 67 malicious npm packages

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems.

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

67 malicious npm packages, novel loader spread North Korean malware

Packages that load BeaverTail malware were downloaded more than 17,000 times. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor…

Read Full Article
GBHackers On SecurityGBHackers On Security

North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware

The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the Contagious Interview campaign previously detailed in June 2025, which involved the HexEval Loader. The adversaries, […] The post North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORInd…

Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

North Korean Actors Expand Contagious Interview Campaign with New Malware Loader

Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Actors Expand Contagious… Read more → The post North Korean Actors Expand Contagious Interview Campaign with New Malware Loader appeared first on IT Security News.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources are Center
67% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Tuesday, July 15, 2025.
Sources are mostly out of (0)

Similar News Topics

Freelancers icon

Freelancers

North Korea icon

North Korea

News
For You
SearchBlindspotLocal