securityonline.info 7/9/2026, 11:11:11 AM · external

North Korea-Linked PolinRider Supply Chain Attack Expands Across Open Source

North Korea-Linked PolinRider Supply Chain Attack Expands Across Open Source
Developing story incident 2 articles tracked
North Korean PolinRider supply chain attack targets open source repositories
CyberSIXT Evidence Panel
Primary Source socket.dev

THE PolinRider supply chain attack, attributed to suspected North Korean hackers linked to the Contagious Interview cluster, has been identified as an ongoing campaign impacting developers across platforms like npm, Packagist, and Chrome. Researchers have uncovered 162 malicious artifacts hidden within 108 packages, utilizing methods such as embedding JavaScript loaders in configuration files and disguising code as .woff2 fonts.

The attack aims directly at developer environments, risking exposure of critical credentials and source code. Socket suggests that affected teams should treat their environments as compromised, recalling clean versions and rotating secrets. The campaign remains active, highlighting the necessity for continuous vigilance and audits within developer ecosystems.

View Primary Source Via securityonline.info

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline