Researchers identified malicious npm and PyPI packages linked to a fake recruitment campaign run by the North Korean Lazarus Group. This operation, active since May 2025, uses deceptive job interview…
Substack is the home for great culture
Researchers identified malicious npm and PyPI packages linked to a fake recruitment campaign run by the North Korean Lazarus Group. This operation, active since May 2025, uses deceptive job interview…