THE PolinRider supply chain attack, attributed to suspected North Korean hackers linked to the Contagious Interview cluster, has been identified as an ongoing campaign impacting developers across platforms like npm, Packagist, and Chrome. Researchers have uncovered 162 malicious artifacts hidden within 108 packages, utilizing methods such as embedding JavaScript loaders in configuration files and disguising code as .woff2 fonts.
The attack aims directly at developer environments, risking exposure of critical credentials and source code. Socket suggests that affected teams should treat their environments as compromised, recalling clean versions and rotating secrets. The campaign remains active, highlighting the necessity for continuous vigilance and audits within developer ecosystems.