New Lazarus social engineering campaign targets developers

Malicious NPM package dependencies and repository invitations have been leveraged by North Korean state-backed hacking operation Lazarus Group, also known as TraderTraitor and Jade Sleet, in limited social engineering attacks against cybersecurity, cryptocurrency, blockchain, and online gambling developers in GitHub, reports BleepingComputer.

Article Link: https://cms.cyberriskalliance.com/brief/threat-intelligence/new-lazarus-social-engineering-campaign-targets-developers