Malicious npm packages are delivering the North Korean–linked PylangGhost remote access trojan (RAT) in a new software supply chain campaign that targets developers across Windows, Linux, and macOS systems. The first malicious versions appeared in late February 2026 (@jaime9008/math-service 1.0.1–1.0.2), followed by react-refresh-update 1.0.1–1.0.4 published on March 1, 2026. Earlier 1.0.0 versions in both families were benign, a […]
The post Malicious NPM Packages Spread PylangGhost RAT in Supply Chain Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: