North Korean XORIndex malware hidden in 67 malicious npm packages

Score: 72/100 BleepingComputer 14 hours ago Part of cluster #1184
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean XORIndex malware hidden in 67 malicious npm packages Bill Toulas July 15, 2025 01:47 PM 0 North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket rese...
Continue Reading on Original Site

Recommended Articles

Chrome Update Patches Fifth Zero-Day of 2025

SecurityWeek 1 hour ago

Google on Tuesday announced a fresh set of Chrome security updates that resolve six vulnerabilities, including one exploited in the wild.The zero-day bug, tracked as CVE-2025-6558, is described as an ...

IoT Security Firm Exein Raises $81 Million

SecurityWeek 40 minutes ago

Italian IoT-embedded cybersecurity firm Exein on Wednesday announced raising €70 million (approximately $81 million) in a Series C funding round that brings the total raised by the company to over $10...

2025-07-16 - Cluster AI Daily Threat Brief

ThreatCluster 8 hours ago

# Daily Threat Intelligence Brief - July 16, 2025 ## Executive Summary The cybersecurity landscape continues to evolve, with a significant uptick in sophisticated threats, particularly from advanced...

Save to Folder

Choose a folder to save this article: