Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign

18:13 - 15 Feb 2026

securityaffairs.com

Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and PyPI connected to a fake job recruitment campaign attributed to the North Korea-linked Lazarus Group. The campaign uses deceptive hiring themes to trick developers into downloading infected […]

https://securityaffairs.com/188009/apt/malicious-npm-and-pypi-packages-llinked-to-lazarus-apt-fake-recruiter-campaign.html

Article info:

Full Article URL: https://securityaffairs.com/188009/apt/malicious-npm-and-pypi-packages-llinked-to-lazarus-apt-fake-recruiter-campaign.html
Textarea URL (this page):
https://textarea.nl/i/eNoNyzsSgzAMBcATCZOOcJs3QoDGP40sF-T0od-9I2zsKQ3h6RoPzhPqY-Fe02fb1vWbYJEqirL2OahZJbSD7DElA2dcMqgUbVkOik4FP_gL30YnspAL-9QQJ0Y16NWWO2r5A8IpLWk=_2026-02-15
Source: http://securityaffairs.co/wordpress/feed
Security Affairs: https://securityaffairs.co
Publication date: 2026-02-15 18:13:28
Last retrieval: 2026-02-15 20:45:17.557737