Fetching latest headlines…
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
NORTH AMERICA
🇺🇸 United StatesJuly 3, 2026

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

0 views0 likes0 comments
Originally published byThe Hacker News
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages "rollup-packages-polyfill-core" and "rollup-runtime-polyfill-core" mimic the legitimate "rollup-plugin-polyfill-node" project, down to the description, repository metadata, and

Comments (0)

Sign in to join the discussion

Be the first to comment!