North Korean Cyberattacks Persist: Developers Targeted via npm Packages
The campaign, known as “Contagious Interview,” tricks developers into downloading fake npm packages or installers. The attackers deploy a Python payload named InvisibleFerret to steal data from cryptocurrency wallets.