Latest North Korea DPRK news

North Korea-linked operators are hunting npm maintainers behind Fastify, Lodash, dotenv

by Adam Bream April 7, 2026

Ten high-impact npm maintainers, including the engineers behind Fastify, Lodash, dotenv, and Express, were approached using the same playbook that compromised Axios. Tay attributes the campaign to UNC1069, the DPRK-nexus group that spent eight years perfecting fake interviews against crypto …

Infostealer on North Korean operative's PC links DPRK to Polyfill.io supply chain attack

by Adam Bream March 12, 2026

A North Korean spy's own malware infection exposed the mastermind behind the Polyfill.io attack. Hudson Rock traced 100+ credentials on one laptop to Funnull CDN, a US crypto exchange, and a Japanese defense lab.

Menu

Latest North Korea DPRK news

North Korea-linked operators are hunting npm maintainers behind Fastify, Lodash, dotenv

Infostealer on North Korean operative's PC links DPRK to Polyfill.io supply chain attack

Latest News

Editor's Choice

Menu

Latest North Korea DPRK news

North Korea-linked operators are hunting npm maintainers behind Fastify, Lodash, dotenv

Infostealer on North Korean operative's PC links DPRK to Polyfill.io supply chain attack

Latest News

Editor's Choice

Stay informed on cybersecurity