North Korea Targets Developers with AI-Generated npm Malware

Security researchers have uncovered a sneaky malware campaign targeting developers, involving a malicious npm package called @validate-sdk/v2 that's designed to steal sensitive secrets, including crypto-wallet credentials. This tainted package, linked to a North Korean threat actor, was cleverly disguised as a utility SDK for legitimate…

https://osintsights.com/north-korea-targets-developers-with-ai-generated-npm-malware?utm_source=mastodon&utm_medium=social

#NorthKorea #AigeneratedMalware #NpmMalware #Promptmink #SupplyChain

Learn how North Korea targets developers with AI-generated npm malware and protect yourself from the PromptMink threat by taking immediate security measures now.

OSINTSights

Malware Worm Exploits npm Packages to Hijack Developer Tokens

Meet CanisterSprawl, a sneaky self-propagating worm that's compromising npm packages and using stolen developer tokens to spread its reach. This malware goes beyond just stealing credentials, turning one infected environment into a web of additional package compromises.

https://osintsights.com/malware-worm-exploits-npm-packages-to-hijack-developer-tokens?utm_source=mastodon&utm_medium=social

#NpmMalware #SupplyChain #MalwareWorm #CredentialStealer #Canistersprawl

Learn how CanisterSprawl, a self-propagating npm worm, exploits packages to hijack developer tokens and take action now to secure your environment effectively.

OSINTSights

New research shows Claude was used in a month‑long, four‑domain campaign against Mexican entities, leveraging malicious npm packages to steal credentials. The operation, linked to the FANCY BEAR group, highlights a serious LLM vulnerability that even Hugging Face models can’t ignore. Read the full analysis. #ClaudeAttack #npmMalware #FANCYBEAR #LLMVulnerability

🔗 https://aidailypost.com/news/claude-executed-monthlong-fourdomain-attack-mexico-linked-enterprise

🚨 Alert: Malicious NPM pkg "lotusbail" masquerades as WhatsApp API, stealing msgs, creds, contacts & media from 56K+ downloads. Fully works while exfiltrating data & planting persistent backdoors! Uninstall won't save you—unlink devices now. https://cyberinsider.com/malicious-whatsapp-api-library-npm-package-caught-stealing-messages/ #CyberSecurity #NPMMalware #WhatsApp #Newz

Malicious WhatsApp API library NPM package caught stealing messages

A malicious NPM package masquerading as a WhatsApp API library has been discovered exfiltrating users' messages, credentials, and contacts.

CyberInsider