"Between January and July 2025, Sonatype blocked 234 unique malware packages traced to Lazarus across npm and PyPI"
These North Koreans are busy bees!
Sonatype uncovers global espionage campaign in open source ecosystems
North Korea's Lazarus Group is attacking developers via open source. Sonatype found over 200 malicious packages. Are you affected? Read the blog post.
(www.sonatype.com)
