{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreig2y7x2w65tywfizqdbcuxr6rez5kxyhmbg7wnjydnbftmkd53fje",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mknoitmp27y2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreifvvev7vdee2cuknn3xpuaxpigbgomzanfsvor5f6bkgs4fthz46y"
    },
    "mimeType": "image/jpeg",
    "size": 315504
  },
  "path": "/2026/04/new-wave-of-dprk-attacks-uses-ai.html",
  "publishedAt": "2026-04-29T14:43:00.000Z",
  "site": "https://thehackernews.com",
  "tags": [
    "@validate-sdk"
  ],
  "textContent": "Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model (LLM).\nThe package in question is \"@validate-sdk/v2,\" which is listed on npm as a utility software development kit (SDK) for hashing, validation, encoding/decoding, and secure random generation. However, its real",
  "title": "New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs"
}