​

North Korea’s Lazarus Group continues to infiltrate the npm ecosystem, deploying six new malicious packages designed to compromise developer environments, steal credentials, extract cryptocurrency data, and deploy a backdoor