North Korea’s Lazarus Group has launched a new wave of attacks on the npm ecosystem, compromising six packages designed to steal credentials, extract cryptocurrency data, and deploy backdoors. These malicious packages, which have been downloaded over 330 times, mimic the names of widely trusted libraries, employing a typosquatting tactic to deceive developers. The packages in … Continue reading Lazarus Hackers Weaponize 6 NPM Packages to Steal Credentials