{ads}

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Written By Thursday, 12 February 2026 Add Comment



February 12, 2026 at 10:25PM

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "

from The Hacker News https://ift.tt/DP2CwWE

0 Response to "Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads