Post #8404

@thehackernews

The Hacker News

Views9,370Post view count

PostedFeb 1202/12/2026, 04:58 PM

Post content

⚠️ Fake recruiter coding tests pushed poisoned npm & PyPI dependencies to developers. Hidden packages deployed RAT access, while separate implants stole browser & crypto wallet data. One library exceeded 10,000 downloads before weaponization. 🔗 Read → https://thehackernews.com/2026/02/lazarus-campaign-plants-malicious.html