Security News > 2025 > February > North Korea targets crypto developers via NPM supply chain attack

North Korea targets crypto developers via NPM supply chain attack

2025-02-13 12:00

Yet another cash grab from Kim's cronies and an intel update from Microsoft North Korea has changed tack: its latest campaign targets the NPM registry and owners of Exodus and Atomic cryptocurrency wallets.…

News URL

https://go.theregister.com/feed/www.theregister.com/2025/02/13/north_korea_npm_crypto/

#attack #crypto #developer #korea #northkorea #NPM #supplychain

Related news

FBI officially fingers North Korea for $1.5B Bybit crypto-burglary (source)
$1.5B Bybit Hack is Linked to North Korea, FBI Says, in Potentially the Largest Crypto Heist Ever (source)
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
IPany VPN breached in supply-chain attack to push custom malware (source)
Supply chain attack hits Chrome extensions, could expose millions (source)
Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
I'm a security expert, and I almost fell for a North Korea-style deepfake job applicant …Twice (source)
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks (source)
Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist in Sophisticated Cold Wallet Attack (source)
GitVenom attacks abuse hundreds of GitHub repos to steal crypto (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.