Skip to content
The Nexus
SECURITYApr 29 · 14:43 UTCTHE HACKER NEWS[email protected] (The Hacker News)

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Cybersecurity researchers discovered a malicious npm package, '@validate-sdk/v2', used in attacks attributed to the DPRK. The package, falsely presented as a legitimate SDK, was linked to Anthropic's Claude Opus LLM and employs AI-inserted malware, fake firms, and RATs for cyber operations.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this