Malware And CampaignsCampaign

North Korea Contagious Interview targeting developers via open source packages

April 4, 2026SANS Digital Forensics and Incident Response, CrowdStrike

SANS Digital Forensics and Incident Response and CrowdStrike describe developer-targeted operations that start with a job interview or coding task and lead to compromise, often via malicious open source packages and malware-free execution paths.

Open in PulseSee the full expert discussion →

QUOTES

Hunting North Korea’s State-Sponsored “Contagious Interview” Operation

Attacks on Developers via the Software Supply Chain

Can an Attack Start Without Malware? 82% of Attacks Do.

VOICES

SANS Digital Forensics and Incident Response

CrowdStrike

RELATED TERMS

social engineeringdeveloper targetingsupply chainopen sourcesocial engineering

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security