New Malware Discovered in npm Package Linked to DPRK Attacks

Cybersecurity experts found that a malicious code was embedded within the npm package named '@validate-sdk/v2'. This package is marketed as a software development kit (SDK) for various functions, including hashing and validation. The researchers linked this suspicious activity to North Korean cybercriminals, who are reportedly using artificial intelligence to enhance their attack methods. The package was used as a dependency in a project associated with Anthropic's Claude Opus language model. Users are advised to exercise caution when downloading and utilizing npm packages, as malicious software can pose serious risks. Source: [publication name].