Web Scouter
Back to News
Security NewsHighIncidentsupply chain

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

UnknownMar 2, 2026(about 11 hours ago)

North Korean hackers published 26 malicious packages to the npm registry, masquerading as developer tools to extract command-and-control.

Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry. The packages masquerade as developer tools, but contain functionality to extract the actual command-and-control (C2) by using seemingly harmless Pastebin content as a dead drop resolver and

Related News

Alabama man pleads guilty to hacking, extorting hundreds of women

Unknown35 minutes ago

Update Business Associate Agreements to Comply with New Substance Use Disorder Record Rules

Unknownabout 1 hour ago

CalPrivacy Supports Bill Providing First-of-Its-Kind Incentives and Protections for Privacy Whistleblowers

Unknownabout 1 hour ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.