Login
Israel-Hamas Conflict
Donald Trump
Social Media
Artificial Intelligence
Natural Disasters
Nature
Education
Cricket
Republican Party
US Politics
Democratic Party
Infrastructure
Crime
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

North Korean Hackers Release Malware-Ridden Packages Into Npm Registry

NORTH KOREA, JUL 15 – North Korean state-backed actors distributed 67 malicious npm packages with XORIndex malware, amassing over 17,000 downloads to steal developer credentials and cryptocurrency data.

Summary by Tech Radar
A second wave of tainted packages was spotted on npm, likely part of a larger campaign.

8 Articles

Tech RadarTech Radar
Center

North Korean hackers release malware-ridden packages into npm registry

A second wave of tainted packages was spotted on npm, likely part of a larger campaign.

·United Kingdom
Read Full Article
BleepingComputerBleepingComputer
Center

North Korean XORIndex malware hidden in 67 malicious npm packages

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems.

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

67 malicious npm packages, novel loader spread North Korean malware

Packages that load BeaverTail malware were downloaded more than 17,000 times. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor…

Read Full Article
GBHackers On SecurityGBHackers On Security

North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware

The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the Contagious Interview campaign previously detailed in June 2025, which involved the HexEval Loader. The adversaries, […] The post North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORInd…

Read Full Article
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

North Korean Actors Expand Contagious Interview Campaign with New Malware Loader

Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Actors Expand Contagious… Read more → The post North Korean Actors Expand Contagious Interview Campaign with New Malware Loader appeared first on IT Security News.

Read Full Article
cybernoz.comcybernoz.com

North Korea-linked Actors Spread XORIndex Malware Via 67 Malicious Npm Packages - Cybernoz - Cybersecurity News

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages Pierluigi Paganini July 15, 2025 North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over 17,000 downloads in on…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Tuesday, July 15, 2025.
Sources are mostly out of (0)

Similar News Topics

North Korea icon

North Korea

News
For You
SearchBlindspotLocal