Malicious npm packages impersonate legitimate Rollup polyfills and enable North Korean actors to steal data and gain remote access to developer systems.
At least 32 Red Hat npm packages were infected with a credential stealer that also manipulated GitHub workflows to publish additional packages with forged SLSA attestations, extending the attackers' supply-chain access.