North Korean threat actors have exploited npm packages and BeaverTail malware to target software developers. The attackers used 11 utility- and debugger-spoofing npm packages for remote access trojan loader deployment as part of the Contagious Interview campaign. The second-stage malware specifics are unclear, but Socket Security researchers noticed BeaverTail and InvisibleFerret repurposing. A separate analysis found BeaverTail malware spreading the Tropidoor backdoor for Windows.
Changes Made to Leapfrog’s Hospital Survey Design
The Leapfrog Group, a US non-profit representing hospital performance interests, has revised its 2025 Leapfrog Hospital Survey, incorporating over 800 public comments. Changes include updated
.webp?w=0&resize=0,0&ssl=1 "Threat Actors Leveraging VPS Hosting Providers to Deliver Malware & Evade Detection")