North Korea’s Lazarus Group Targets Developers, Supply Chain
North Korea’s notorious Lazarus Group is using an advanced malicious implant to target cryptocurrency wallets and spreading it via legitimate GitHub profile and possibly through npm packages. The ongoing campaign, dubbed Operation Marstech Mayhem, is the example of a threat group using open-source code repositories like GitHub, npm, and Python Package Index (PyPI) in software supply […]
Source: DevOps.com