{"data":{"id":"9acd0307-f9be-4a58-a9ce-a8e4b5ef0567","title":"New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs","summary":"Researchers discovered malicious code in npm packages (repositories where developers share reusable code) that were designed to steal cryptocurrency wallet credentials and funds. The attack, linked to North Korean hackers, used a two-layer approach where harmless-looking packages contained hidden dependencies that executed the actual malware, and the malicious packages mimicked the names of legitimate libraries to avoid detection.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://thehackernews.com/2026/04/new-wave-of-dprk-attacks-uses-ai.html","publishedAt":"2026-04-29T14:43:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude Opus","Solana","Bankr","Moltbook","Tapestry Protocol"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-29T14:43:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}