Malware deployed via job interview-spoofing NPM packages

Attacks deploying a malicious Python backdoor via fraudulent NPM packages spoofing as job interviews have been targeted at software developers by suspected North Korea-linked threat actors as part of the ongoing DEV#POPPER social engineering campaign, according to The Hacker News.

attacks backdoor campaign dev developers engineering fraudulent hacker interview interviews job job interviews korea malicious malware network security north north korea npm packages python python backdoor social social engineering software software developers spoofing the hacker news third-party-code threat threat actors