{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreignq6flqno35gq3chyyivrqbmmxf3vn22jrktvx3jiqftdos7ighi",
"uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mpqy5ohtium2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreicn7o5a5zocm5wtjrwv4fngeovvkzaqumwbemqlulwtbmjd4ubs7m"
},
"mimeType": "image/jpeg",
"size": 354900
},
"path": "/2026/07/north-korea-linked-npm-packages-mimic.html",
"publishedAt": "2026-07-03T16:07:15.000Z",
"site": "https://thehackernews.com",
"textContent": "Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.\n\nAccording to JFrog, the packages \"rollup-packages-polyfill-core\" and \"rollup-runtime-polyfill-core\" mimic the legitimate \"rollup-plugin-polyfill-node\" project, down to the description, repository metadata, and",
"title": "North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets"
}