Alleged North Korean-linked hackers have orchestrated a sophisticated attack, targeting developers on a global scale. Their method exploited an inherent weakness in the software supply chain: a widely used JavaScript library. This library, crucial for managing network requests in numerous web applications, is downloaded millions of times weekly via npm. Its widespread use makes it a target of significant strategic value. By successfully compromising such a component, attackers can simultaneously infiltrate thousands of development environments across the world, often without the victims even realizing it.
North Korean-Linked Hackers Have Trapped Developers Worldwide
By Rupert Blackwood
Investigative journalist based in Sheffield, focusing on technology's impact on society. Rupert specializes in cybercrime's effect on communities, from online fraud targeting elderly residents to cryptocurrency scams. His reporting examines social media manipulation, digital surveillance, and how criminal networks operate in cyberspace. With expertise in computer systems, he connects technical complexity with real-world consequences for ordinary people