Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads

Author(s): Socket
Organization: Socket

Open article directly Open article on Archive.org

2026-05-31 ⋅ Socket ⋅ Kirill Boychenko
Famous Chollima Targets PHP Developers Through Compromised Packagist Package
JADESNOW

2025-10-10 ⋅ Socket ⋅ Kirill Boychenko
North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads
BeaverTail InvisibleFerret

2025-07-14 ⋅ Socket ⋅ Kirill Boychenko
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
BeaverTail InvisibleFerret

Propose Change Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads