Return to Threats

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

thehackernews.com 2026-07-04 AI supply chain Critical

What Happened

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. "The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,

Why It Matters

According to Socket and The Hacker News, North Korea-linked actors in the PolinRider campaign have published 162 malicious release artifacts across 108 packages and browser extensions in npm, Packagist, Go modules, and Chrome, using compromised maintainer accounts and obfuscated loaders hidden in config files and fake font assets.[1][2][3] These packages target developer environments, enabling credential theft, browser data theft, command execution, and wallet exfiltration via payloads such as DEV#POPPER and OmniStealer.[1][2] From a CyberSE.AI perspective, similar techniques can be used to target AI development and deployment pipelines, poisoning dependencies in model training environments, CI/CD for AI services, or agent runtime toolchains. Organizations should implement SBOM-based dependency monitoring and hardened developer workflows for AI systems, treat any environment that consumed affected packages as potentially compromised, and conduct readiness assessments focused on securing AI build and deployment supply chains.

Healthcare Fintech SaaS SMB AI startups

CyberSE Analysis

This signal maps to AI supply chain. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.

Recommended Actions

  • Restrict AI agent tool permissions and production write paths.
  • Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
  • Add human approval workflows for high-impact or state-changing actions.
  • Run prompt injection and indirect prompt injection tests against affected workflows.
  • Document the owner, control gap, and remediation deadline for this risk class.

Source

https://thehackernews.com/2026/07/north-korean-hackers-publish-108.html

Talk to AI CISO