The North Korean threat groups associated with the Contagious Interview initiative have been noted releasing an additional batch of 67 harmful packages to the npm registry, highlighting persistent efforts to contaminate the open-source ecosystem through software supply chain assaults.
According to Socket, the packages have garnered over 17,000 downloads and include a previously unrecorded variant of malware.