News
- Security researchers spotted 67 malicious packages on npm
- The packages are part of the Contagious Interview campaign
- They are most likely deployed by North Korean attackers
North Korean hackers have been seen pushing dozens of malicious packages to npm in an attempt to compromise western technology products through supply chain attacks.
Cybersecurity researchers Socket claim the latest push of 67 malicious packages is just the second leg of a previous attack, in which 35 packages were published, as part of a campaign called Contagious Interview.
"The Contagious Interview operation continues to follow a whack-a-mole dynamic, where defenders detect and report malicious packages, and North Korean threat actors quickly respond by uploading new variants using the same, similar, or slightly evolved playbooks," Socket researcher Kirill Boychenko said.
Thousands of victimsUploading malicious code to npm is just a setup. The real attack most likely happens elsewhere - on LinkedIn, Telegram, or Discord. North Korean attackers would pose as recruiters, or HR managers in large, reputable tech companies, and would reach out to software developers offering work.
The interview process includes multiple rounds of talks and concludes with a test assignment. That test assignment requires the job seeker to download and run an npm package, which is where the person ends up with a compromised device. Obviously, that doesn’t mean that other people couldn’t accidentally download tainted packages, as well.
Cumulatively, the packages attracted more than 17,000 downloads, which is quite the attack surface.
North Koreans are infamous for their fake job and fake employee scams, whose goals usually vary between cyber-espionage and financial theft. If they’re not stealing intellectual property or proprietary data, then they’re stealing cryptocurrencies which the government uses to fund the state apparatus and its nuclear weapons program.
The campaigns deploy all sorts of malware, from the BeaverTail infostealer, across XORIndex Loader, HexEval, and many others.
"Contagious Interview threat actors will continue to diversify their malware portfolio, rotating through new npm maintainer aliases, reusing loaders such as HexEval Loader and malware families like BeaverTail and InvisibleFerret, and actively deploying newly observed variants including XORIndex Loader," the researchers concluded.
Via The Hacker News
You might also like- North Korean hackers target job seekers with fake interviews
- Take a look at our guide to the best website builders around
- We've rounded up the best password managers
- A 'bioinspired super-adhesive filter' has been tested by Korean scientists
- It uses oil, mimicking 'mucus-coated nasal hairs' for better filtering of dust
- Your PC could be a lot more dust-free in the future as a result, if this ever comes to fruition with mesh case filters
The dust filters that aim to prevent particles from getting inside your desktop PC or laptop could take a big leap forward in the future, thanks to an invention that models itself after the human nose.
The 'bioinspired super-adhesive filter' has been tested by Korean researchers, and it's essentially an oil-coated mesh that more effectively stops dust, or other infiltrating particles, in their tracks.
A paper in the journal Nature, authored by scientists from Chung-Ang University in South Korea (as highlighted by Tom's Hardware), explains that the invention is "inspired by the natural filtration abilities of mucus-coated nasal hairs," which doesn't evoke the most pleasant of images.
The reality is that it's a 'biomimetic filter' featuring a thin liquid coating, and just as with nasal hairs, that liquid helps to trap invading particles more effectively, as they stick to it. Or as the paper puts it: "When PM [particulate matter] encounters the mucus, a meniscus forms, generating strong adhesion by capillarity."
The result of this oil-based filter mimic should be a more dust-free computer. And while the researchers are primarily targeting the likes of household or industrial air filtration systems, the tech could be applied to anything where a dust filter is needed, including the humble PC.
The filters use a "thin, uniform silicone oil layer" which is sprayed on, and they capture significantly more particles than traditional efforts, and are effective for 2-3x longer, we're told.
To extend their usable lifespan, the filters can be washed, dried, and the oil reapplied by simply spraying it on (with a non-toxic oil obviously being used).
Analysis: maybe snot(Image credit: TechRadar)Should we prepare ourselves for the Cooler Master Mucus 5N0T PC case, then? Well, maybe not, but this innovation could have serious benefits for the world of computers.
There's a balance required with the typical desktop PC case or laptop chassis, in that they need plenty of vents to keep the components inside cool. However, a lot of space for air to move through for cooling means a lot more dust potentially enters the PC.
Traditional meshes try to capture that dust, but don't always do much of a good job. Sure, they help, but if you look inside your PC (through the glass window on the side, if it has one), you may notice it's pretty dusty in there.
After a few years, dust can accumulate in a considerable quantity, particularly around the CPU fan and likely the graphics card as well, if you don't clean inside your PC case. And let's be honest, most of us are way too good at procrastinating when it comes to that kind of PC housekeeping (I know I am).
New filters that rely on oil could be a real boon in terms of keeping your PC a lot more dust-free throughout its lifespan, perhaps eliminating the need for any cleaning at all one day - or at least making this chore a far more infrequent task.
If all this talk has inspired you to clean up your PC, do so very carefully (using a can of compressed air), and make sure you look at some good advice on how to carry this out properly (without damaging fans). That's especially the case with laptops, and I wouldn't recommend trying to open a notebook case, in order to clean inside, to anyone but the most tech-savvy readers.
You might also like...- Latest Windows 11 update fail brings yet more installation woes – but some other reported bugs have me seriously worried
- No, Windows 11 PCs aren't 'up to 2.3x faster' than Windows 10 devices, as Microsoft suggests – here's why that's an outlandish claim
- Windows 11 desktop PCs could soon get Copilot+ AI powers, as Intel might radically switch tactics with next-gen CPUs
- Nvidia could soon resume selling H20 chips in China
- CEO Jensen Huang has liaised with China and the US
- The company lost billions in sales as a result of export bans
Nvidia is planning to resume sales of its H20 AI chips to China after the US government confirmed it would grant the tech giant export licenses.
The move comes after Nvidia CEO Jensen Huang's visit to China and his discussions with US President Donald Trump, all in a bid to reach an agreement and resume sales.
As a result, it's believed that Chinese companies like ByteDance and Tencent are now lining up to place orders on H20 chips after a brief pause to exports.
Nvidia could resume Chinese exports soonNvidia had already custom-designed the H20 chip for China after US export restrictions, but it was banned in April 2025, leading to an estimated cost of $10-15 billion in lost sales and a further $5.5 billion in inventory write-offs. The costs were so significant that Nvidia declared these losses in its quarterly earnings report.
The potential approval of licenses by the US government could reverse charges, bringing in an additional $15-20 billion in revenue this year.
However, Trump isn't necessarily expressing a preference for Nvidia. AMD is also expecting review of its export licenses for MI308 chips after reporting a smaller but still noteworthy $1.5 billion impact from export curbs.
Although domestic competition has heated up in China, many firms still prefer Nvidia for its CUDA ecosystem. Huang also acknowledged the importance of China to Nvidia's strategy, calling the market "massive, dynamic, and highly innovative" (via Reuters).
The potential easing of restrictions comes at an important time – China also eased rare earth export restrictions, suggesting the two global superpowers could be slowly reaching an agreement.
You might also like- These are the best AI tools and best AI writers
- Nvidia briefly became the first ever $4 trillion company
- Access powerful chips by using the best cloud computing providers
- A Nintendo Switch 2 owner was reportedly banned after playing legitimate second-hand games that were later found to be cloned
- Reddit user 'dmanthey' says they were able to reverse the ban after speaking to Nintendo
- Nintendo has been cracking down on piracy by restricting consoles caught using piracy tools
A Nintendo Switch 2 owner is warning players about buying pre-owned physical games after being banned for unknowingly playing cloned versions.
Last month, it was reported that Nintendo was cracking down on piracy and had begun blocking access to online services on the Switch 2 if players were caught using MIG Flash, a tool used to create copies of games.
But it seems that even innocent players aren't safe from the company's strict anti-piracy policy.
As reported by IGN, Redditor 'dmanthey' shared a post saying that they were banned by Nintendo after loading up some original Switch games they bought from Facebook Marketplace.
The user explained that although the physical copies were legitimate, they later discovered that the games had already been copied by the original owner, which was the reason their console was restricted.
"Switch 2 users - be careful buying used Switch 1 games. You can get banned if a bad actor dumped it," 'dmanthey' said. "Got banned and unbanned after simply downloading patches for 4 Switch 1 games I bought from Facebook marketplace."
Dmanthey explained in the thread that they unknowingly played original Switch cartridges that were cloned using a piracy-enabling device.
"Basically, a thief buys/rents a game. They make a copy for themselves using the MIG dumper," the user said. "They resell the original game and keep a copy for themselves on their MIG. Then both of you get banned when the Switch 2 goes online. Only one of you has the carts, so that's the person that will be unbanned."
Thankfully, dmanthey was able to get unbanned after speaking to Nintendo's customer service and providing evidence of their purchase and conversation from the Facebook Marketplace seller.
"I contacted Nintendo support and found out I was banned," they said. "They had me pull up the Facebook Marketplace listing and take some pics of the cartridges. The whole process was painless and fast."
'Dmanthey' added, "The amount of info they had is crazy".
"They could see my ddwrt endpoints, the brand of my memory card, they even knew that I had an EVGA mouse and keyboard plugged into my Switch 2," they continued.
Another user was faced with a similar situation last month after they purchased pre-owned Switch 2 from Walmart, only to find that it had been 'bricked' by Nintendo after booting it up.
You might also like...- The Nintendo Switch 2 is the company’s least ambitious console to date, but its improvements are astronomical
- I’ve spent 40 hours exploring Death Stranding 2: On the Beach, and it’s an incredible sequel that builds upon its unique predecessor to become a masterpiece
- I’ve spent 150 hours with The Legend of Zelda: Breath of the Wild, and the Switch 2 Edition is an incredible upgrade
HBO’s Harry Potter TV show is coming to the small screen in 2027, with filming officially beginning this week. We’ve already had one first look in the form of Dominic McLaughlin’s Harry, and now a second character has followed suit. Nick Frost’s Hagrid has already made waves on the internet, but there’s something important to bear in mind.
Of course, we all love the original cast in the Harry Potter movies, including Maggie Smith (McGonagall), Alan Rickman (Snape), Michael Gambon (Dumbledore) and original Hagrid Robbie Coltrane. Yet the fact remains that in two years time we’ll have a fresh crop of famous faces in these same roles, such as Paapa Essiedu (Snape), John Lithgow (Dumbledore), Nick Frost (Hagrid), and Janet McTeer (McGonagall).
Obviously, the HBO Max version can never replace who came before, and it goes without saying that the new TV show will likely feel completely different. While these are just assumptions at this stage, the first look at Nick Frost’s Hagrid could certainly blur the line between the two in the worst way.
Is Hagrid in the HBO Harry Potter TV show too much like the original movie version?Robbie Coltrane as Hagrid in the Harry Potter movies. (Image credit: Warner Bros.)Obviously, the fact that McLaughlin's Harry looks so similar to a young Daniel Radcliffe has gone down incredibly well (including with me), but the similarities in Hagrid’s past and present is slightly more unsettling. Let’s face it – we’re looking at an airbrushed version of the original in this new snap. Of course, this could be hypocritical, but there’s extra context with Nick Frost’s Hagrid.
In an interview with Collider, Frost previously confirmed he was “never” going to try and be a version of Coltrane’s portrayal. “You get cast because you're going to bring something to that. While I'm really aware of what went before me in terms of Robbie [Coltrane]'s amazing performance, I'm never going to try and be Robbie. I'm going to try and do something, not ‘different,’ I think you have to be respectful to the subject matter, but within that, there's scope for minutia,” he said.
With this in mind, I wasn’t expecting Hagrid’s physical appearance to be so similar? It’s expected character descriptions will play by the book’s rules, but that doesn’t mean the TV show has to copy exactly what we saw in the movie. Arabella Stanton (Hermione) and Paapa Essiedu (Snape)’s castings are great examples of this, as is the cast of hit Broadway play Harry Potter and the Cursed Child.
There’s no question that I’m running before I can walk with my assessment here, but I do think the physical similarity is a hindrance rather than a help. Hagrid is arguably the most beloved adult character of the bunch, so we’ll have the highest expectations for him. Stick an identical wig and a massive beard on him, and Frost is instantly lost in Coltrane’s shadow. Clearly the differences in Hagrid will come through in his personality, but is that enough of a difference? Is there enough of a reason to reboot Harry Potter at all?
“I always read Hagrid as he's like a lovely, lost, violent, funny, warm child. I think the beauty of being able to do a book a season means I get to explore that a lot more, and I can't wait. He's funny! I want it to be funny and cheeky and scared and protective and childlike. That's what I'm planning on doing.”
You might also like- Google introduces featured notebooks into NotebookLM
- The curated content comes from sites like The Economist and The Atlantic
- You can ask questions about each notebook
Tired of waiting for you to use NotebookLM to make fantastic learning resources of your own, Google has decided to take matters into its own hands and produced a series of carefully curated Notebooks from respected authors, researchers, publications, and nonprofits, including The Economist and The Atlantic.
With NotebookLM, you can read the original source material, but also pose questions to a chatbot that’s versed in the material, so you can explore specific topics in greater depth.
And of course, you can listen to the AI-generated audio overviews, which sound like podcasts, that NotebookLM is famous for, or explore the newer Mind Maps feature.
The initial lineup of curated notebooks includes longevity advice from Eric Topol, bestselling author of Super Agers, expert analysis and predictions for the year 2025 as shared in The World Ahead annual report by The Economist, and an advice notebook based on bestselling author Arthur C. Brooks' How to Build A Life columns in The Atlantic.
As if that wasn’t enough, they’re throwing in The Complete Works of William Shakespeare for anybody who needs help exploring the works of the Bard.
You can expect the list of featured notebooks to grow, too. Google says it will continue to introduce new featured notebooks, including additional collections from its partnerships with The Economist and The Atlantic.
(Image credit: Apple/Google)The books of the futureGoogle says that since introducing the ability to share notebooks last month, ”more than 140,000 public notebooks have been created, on a wide range of topics”.
I find these featured notebooks dangerous myself because each one is a little rabbit hole I can happily disappear down for over an hour.
For example, I opened the How to Build a Life notebook based on Arthur Brooks' columns in The Atlantic and asked it what age was best to buy a house, and I didn’t emerge for another hour!
It's a different experience from reading a book, as you're constantly switching to an interactive way of consuming media, which makes the learning so much more fun.
Commenting on the new featured notebooks Nicholas Thompson, CEO of The Atlantic said, "The books of the future won’t just be static: some will talk to you, some will evolve with you, and some will exist in forms we can’t imagine now. We’re delighted to partner with Google in its pioneering work on this front.”
You might also like- A new line of code has been found in the HeyMelody app that suggests the Spotify Tap function could be coming to Oppo and OnePlus earbuds
- Android Authority managed to activate the feature, but it has several setbacks
- We don't know when it could be released, or which OnePlus and Oppo audio accessories will be compatible with Spotify Tap
OnePlus and Oppo are solid audio brands if you’re after a decent pair of mid-range earbuds, and now they could be getting a new handy Spotify integration, which could be a big convenience upgrade for Android users.
A new Android Authority teardown of the HeyMelody app highlights that the Spotify Tap function, which is supported on most audio devices from Sony, Bose, and Jabra, could be coming to OnePlus and Oppo earbuds. For those of you who are unaware, HeyMelody is the native app for setting up OnePlus and Oppo audio tech, similar to Sony’s Sound Connect app.
But what is Spotify Tap? It’s essentially a convenience feature that allows you to play music directly from Spotify by double or triple-tapping compatible audio accessories such as the brand new Sony WH-1000XM6 headphones. If you’re already an owner of the best headphones and best earbuds alike, you’ll be more than familiar with this function.
As for Android Authority’s findings, the outlet dove into the HeyMelody app v115.8 and found a code related to a possible new integration with OnePlus and Oppo earbuds, and even managed to activate the feature.
(Image credit: Android Authority )For starters, the teardown shows two different options (double and triple tap) for Spotify music playback in each earbud. The outlet also states that you can redo this gesture so that Spotify plays you a recommended song, but there were a few setbacks.
While Android Authority was able to activate Spotify Tap, the outlet noted that changes to background settings were required to get the options to show, adding that you might only be able to set this feature for one earbud at a time, and not both. However, this is likely to change if Spotify Tap is ever rolled out to OnePlus and Oppo earbuds, it added.
As it stands, the teardown doesn’t explicitly state when this feature could roll out, or which OnePlus and Oppo earbuds will receive the Spotify Tap treatment if it does. According to Android Authority, it wouldn’t be surprising if Spotify Tap is only available to selected upcoming hardware.
In that case, we’re taking this lightly and are waiting to see what other findings emerge – but we’ll certainly have our ears to the ground in the meantime.
You might also like- Get ready to brag that your Sony WH-1000XM6 headphones use the same tech as the headsets NFL coaches are wearing
- This Bluetooth DAC and headphone amp with cool VU meter looks like super-luxe audio upgrade, but it's actually stunningly well-priced
- Gemini arrives on the Galaxy Buds 3 Pro, with more Samsung and Sony earbuds to follow
- Startup’s ribbon-based holographic tape promises 200TB per LTO cartridge
- The tech uses polymer film and $5 laser to write optical voxels
- Integrates into LTO systems with no upstream software or hardware changes
UK startup HoloMem is developing a holographic storage system aimed at replacing or supplementing LTO tape.
The company, founded by former Dyson engineer Charlie Gale, uses polymer ribbon cartridges written with $5 laser diodes. Each 100-meter cartridge could store up to 200TB in a write-once, read-many format.
The cartridges match LTO dimensions and work in existing tape libraries without changes to upstream software. Drives function as drop-in shelves, allowing libraries to operate in a hybrid LTO and HoloMem setup.
HO1OThe idea began at Dyson, where Gale helped create a holographic label system called HO1O. It embedded multiple QR codes in a single hologram, readable from different angles or light sources.
“What we originally did at HO1O for prototypes was to use a light-sensitive polymer material that you just exposed to laser light… it locks polymer change and retains that image,” Gale told Blocks & Files.
This concept evolved into multi-layer data storage using similar materials.
Unlike other optical approaches that use glass or ceramics, HoloMem writes data as holographic voxels into polymer film. The film uses a 16-micron thick polymer sheet laminated between PET layers, forming a 120-micron ribbon.
The prototype HoloDrive writes and reads holograms using a 3D-printed lens and a digital micromirror device.
“We are writing data pages of thousands of bits,” Gale said. Throughput hasn’t been disclosed, although it reportedly operates at LTO-9 speeds. The drive uses £30 circuit boards and modified LTO mechanics.
HoloMem has received £900,000 in UK innovation grants and is partnering with TechRe and QStar for field trials and integration testing. It holds patents for the optical engine, media design and volumetric storage method.
Blocks & Files reports: “We understand TechRe will deploy prototype Holodrives inside LTO libraries in its UK data centers to test out the product’s performance, reliability and robustness. HoloMem has written device firmware so that, we understand, it presents itself as a kind of LTO drive.”
Future capacity increases may come through multi-channel recording, using multiple light wavelengths to layer data. Each added channel could multiply storage with no hardware change.
You might also like- Only 2% of enterprises are highly ready for AI, report claims
- Fewer than one-third have deployed AI firewalls to date
- Another one in three could do with diversifying their AI models
Although more and more applications are getting AI overhauls, new F5 research had claimed only 2% of enterprises are highly ready for AI.
More than one in five (21%) fall into the low-readiness category, and while three-quarters (77%) are considered moderately ready, they continue to face security and governance hurdles.
This comes as one in four applications use AI, with many organizations splitting their AI usage across multiple models including paid models like GPT-4 and open-source models like Llama, Mistral and Gemma.
Enterprises aren't benefitting from the AI they have access toAlthough 71% of the State of AI Application Strategy Report respondents said they use AI to enhance security, F5 highlighted ongoing challenges with security and governance. Fewer than one in three (31%) have deployed AI firewalls, and only 24% perform continuous data labelling, potentially increasing risks.
Looking ahead, one in two (47%) say they plan on deploying AI firewalls in the next year. F5 also recommends that enterprises diversify AI models across paid and open-source opens, scale AI usage to operations, analytics and security, and deploy AI-specific protections like firewalls and data governance strategies.
At the moment, it's estimated that two-thirds (65%) use two or more paid models and at least one open-source model, demonstrating considerable room for improvement.
"As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment," F5 CPO and CMO John Maddison explained.
The report highlights how enterprises that lack of maturity can stifle growth, introduce operational bottlenecks and present compliance challenges.
"AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats," Maddison added.
You might also like- Why not consider the best AI tools and best AI writers
- Make your workers more efficient with the best productivity tools
- Many SMBs say they can't get to grips with AI, need more training