A new cyber attack targets developers from North Korea! 🚨

35 malicious packages were downloaded on npm from 24 fake accounts, and were downloaded more than 4,000 times! 😱 🎯 Goal? Software engineers looking for a job! Attackers impersonate Recruiters on LinkedIn, and ask you to clone malicious projects... As soon as you run npm install, the disaster begins! 💀 💥 Malicious programs such as: BeaverTail to steal your data InvisibleFerret for complete control of your device! 🧠 The attack is called: Contagious Interview 💻And the style? Social engineering + malware + open source intelligence (OSINT) 🧨 Among the packages currently available: react-plaid-sdk vite-plugin-next-refresh node-orm-mongoose And beware of them! ⚠️ If you are a developer, work in an isolated environment (Container) and do not forget to review the packages you use. 📢 Be aware... The Internet is not always a safe place, especially if you are looking for work!