CyberSecurity News
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
AI summary
Threat actors linked to North Korea have created malicious npm packages that disguise themselves as Rollup polyfill tooling. These packages, named "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core", closely resemble the legitimate "rollup-plugin-polyfill-node" project in terms of description, repository metadata, and other details. The goal of these packages is to enable remote access and steal sensitive information from developers. The malicious packages were identified by JFrog, which uncovered their similarities to the legitimate Rollup project. The discovery highlights the threat actors' efforts to blend in with legitimate packages to achieve their malicious goals.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

