MEDIUMSupply Chain
Global

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

·Source: The Hacker News

Updated:

Executive Summary

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,

Analysis

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,
Source Attribution

Originally published by The Hacker News on Jul 4, 2026.

Related Threats