{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreignq6flqno35gq3chyyivrqbmmxf3vn22jrktvx3jiqftdos7ighi",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mpqy5ohtium2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicn7o5a5zocm5wtjrwv4fngeovvkzaqumwbemqlulwtbmjd4ubs7m"
    },
    "mimeType": "image/jpeg",
    "size": 354900
  },
  "path": "/2026/07/north-korea-linked-npm-packages-mimic.html",
  "publishedAt": "2026-07-03T16:07:15.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft.\n\nAccording to JFrog, the packages \"rollup-packages-polyfill-core\" and \"rollup-runtime-polyfill-core\" mimic the legitimate \"rollup-plugin-polyfill-node\" project, down to the description, repository metadata, and",
  "title": "North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets"
}