N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Published: 3 weeks ago (April 8, 2026 at 03:47 AM EDT)

1 min read

Source: The Hacker News

Overview

The North Korea‑linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems.

The threat actor’s packages were designed to impersonate legitimate developer tooling, while quietly functioning as malware loaders, extending Contagious Interview’s established playbook into a coordinated effort.

Back to Blog

CPUID Site Hijacked To Serve Malware Instead of HWMonitor Downloads

Incident Overview Attackers briefly hijacked part of CPUID’s backend and swapped legitimate download links on its site with malware‑laced ones. The issue affec...

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily in...

Python Supply-Chain Compromise

newshttps://www.truesec.com/hub/blog/malicious-pypi-package-litellm-supply-chain-compromise Details A malicious supply‑chain compromise has been identified in t...

Rockstar Games says hack will have ‘no impact’

Incident Overview Rockstar confirmed on Saturday that some of its data was compromised in a breach of a third‑party provider. The hacking group ShinyHunters cl...

Overview

Related posts

CPUID Site Hijacked To Serve Malware Instead of HWMonitor Downloads

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

Python Supply-Chain Compromise

Rockstar Games says hack will have ‘no impact’