Back to News
Cybersecurity

North Korean Hackers Unleash Malicious Packages in Ongoing PolinRider Campaign

North Korean threat actors have released 108 malicious software packages and browser extensions, posing significant risks for businesses utilizing these platforms.

Recent findings have revealed that North Korean hackers associated with the Contagious Interview campaign have published 108 malicious packages and browser extensions across popular platforms such as npm, Packagist, Go, and Google Chrome. This ongoing operation, termed the PolinRider campaign, highlights the persistent threat posed by state-sponsored cyber actors who exploit vulnerabilities in software repositories and developer accounts to distribute malicious payloads. As the campaign continues, the potential for additional malicious packages to emerge remains high, as threat actors actively compromise maintainer accounts.

For businesses, this development underlines the urgent need for enhanced vigilance in software supply chain security. Organizations should prioritize auditing dependencies, implementing stringent access controls, and regularly monitoring for unauthorized changes within their software ecosystems. This incident serves as a stark reminder that the rapid proliferation of AI and software development tools can also create avenues for sophisticated cyber threats, necessitating a proactive approach to cybersecurity that integrates both threat intelligence and robust security practices.

---

*Originally reported by [The Hacker News](https://thehackernews.com/2026/07/north-korean-hackers-publish-108.html)*