North Korean Hackers Compromise Go and PHP Packages

Security, DevOps & Infrastructure(opensourcemalware.com)view on HackerNews
PolinRidersupply-chainGitHubPackagistGoJavaScriptmalwareDPRKLazarus GroupContagious InterviewsecurityDevOps

Author: 6mile

Date: 7/8/2026

Article Summary:
A DPRK-linked supply-chain campaign, PolinRider, compromises GitHub accounts and injects malicious JavaScript into legitimate repositories, which are then published to multiple package registries, including Packagist and Go, without requiring a separate upload credential.