North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection.
This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation, introducing a previously unreported malware loader dubbed XORIndex alongside the existing HexEval Loader infrastructure.
The newly discovered XORIndexmalware, named for its distinctive use of XOR-encod...
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
BleepingComputer
3 hours ago
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware Ionut Ilascu July 16, 2025 11:33 AM 0 A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies ...
