{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifwr2dkzerseubuoertf6mdlg46awqg4wzb33wf3uv2enmjvt437y",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3meotu3xf4k32"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiasiryqpywgtm352auhlerjyiwtopxdim4prwiibvxq5fkqbxsqma"
    },
    "mimeType": "image/jpeg",
    "size": 313965
  },
  "path": "/2026/02/lazarus-campaign-plants-malicious.html",
  "publishedAt": "2026-02-12T16:55:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group.\nThe coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025.\n\"",
  "title": "Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems"
}