North Korean hackers publish 108 malicious packages and extensions in expanding PolinRider campaign
The Contagious Interview-linked PolinRider campaign has now published 108 malicious packages and browser extensions across npm, Packagist, Go modules, and Chrome, per The Hacker News โ up sharply from the four-ecosystem toolkit Socket first flagged three days ago. The scale confirms an industrialized, ongoing operation rather than a one-off drop: DPRK operators are compromising maintainer accounts and republishing faster than manual takedown keeps up. Re-run Socket's published IOC list against dependency trees and installed Chrome extensions now โ new packages are still landing daily.