New wave of ‘fake interviews’ use 35 npm packages to spread malware www.bleepingcomputer.com/news/secu…

A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s devices with infostealers and backdoors.

The packages were discovered by Socket Threat Research, which reports they load the BeaverTail info-stealer and InvisibleFerret backdoor on victims' machines, two well-documented payloads associated with DPRK actors.