The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Stop coding without these extensions ...
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...