North Korean hacking group, Lazarus, is using the malicious Node Package Manager (NPM) package, postcss-optimizer, for a supply chain attack on developers. Once installed, it deploys the BeaverTail malware, which collects credentials and other sensitive data, while executing additional payloads. The malware targets Windows, macOS, and Linux systems. Lazarus continually targets high-value technology and cryptocurrency sectors.
North Korea’s fake IT workers targeting healthcare, finance – theregister.com
North Korea’s fake IT workers targeting healthcare, finance theregister.com
