Tag: malicious npm dependency

1 article

Cluttered coding workstation with lines of code on laptop screen and scattered notes.

AI-Assisted Code Targets Crypto Wallets via Malicious npm Dependency

Researchers have uncovered a sneaky malicious npm campaign, dubbed PromptMink, linked to North Korean hackers Famous Chollima, which targets crypto developers with fake utility packages that secretly steal sensitive info and funds. The campaign's clever tactics even involve an AI-assisted code commit to fly under the radar.

Analyst 207Apr 29, 2026