Threat report: International hackers target developers via open source packages
By Sonatype
Nation-state actors increasingly target the software supply chain, exploiting the trust that open source ecosystems place in published packages. The Lazarus Group's campaign shows how adversaries embed themselves in development workflows to gain persistent access to developer machines and build systems.
Sonatype's analysis shows North Korea-backed threat actors weaponizing open source registries; its automated package analysis uncovered malicious activity aimed at developers and CI/CD environments. Findings include:
· 230+ malicious packages discovered in early 2025, affecting thousands of downstream users
· A shift from opportunistic attacks to covert supply chain infiltration
· Exploitation of developer trust and of automated installation steps (for example, code that runs when a package is installed)
Read the full research for mitigation strategies.
