North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations.
This activity builds on the Contagious Interview campaign previously detailed in June 2025, which involved the HexEval Loader.
The adversaries, attributed to North Korean state-backed actors, infil...
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
BleepingComputer
3 hours ago
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware Ionut Ilascu July 16, 2025 11:33 AM 0 A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies ...
