North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages. The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a malware.