What are Contagious Interview malicious packages?

North Korea-linked malware disguised as dev tools in npm, PyPI, Go, Rust, PHP—loaders for data theft and backdoors.

How do I check if my project has these packages?

Run `npm audit`, `pip-audit`, `go list -m all`, `cargo audit`. Lock deps, scan with Socket or Snyk.

Will North Korean hackers target more languages?

Likely—expect Swift, .NET next as adoption grows. Pin versions, verify sigs.

North Korea's Hackers Hit 1,700 Malicious Packages Across npm, PyPI, Go, and Rust

North Korean hackers just unleashed 1,700 malicious packages across major repositories like npm and PyPI. But the real shock? They're now hitting Go and Rust too, turning trusted dev tools into malware loaders.

theAIcatchup Apr 08, 2026 3 min read

Visualization of North Korean malicious packages spreading across npm, PyPI, Go modules, and Rust crates

⚡ Key Takeaways

Contagious Interview spread 1,700 malicious packages across npm, PyPI, Go, Rust, and PHP, impersonating dev tools as malware loaders. 𝕏
Shift to Go and Rust signals maturing supply chain attacks targeting high-growth, secure ecosystems. 𝕏
Organizations must audit deps now—expect 'pkg wars' escalation in 2025 with broader lang coverage. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by The Hacker News

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

US FBI's Daring Router Raid Crushes Russia's DNS Spy Network

Iran's Hackers Gut US Water Plants—Via Exposed PLCs

Iran's Hackers Crack Open America's Industrial Controls

Iran Hackers Cripple US Water and Energy PLCs in Coordinated Strikes

Stay in the loop