Webinar | On Demand

How Lazarus Group Uses Open Source to Attack Developers

Watch Now

Open source has become a primary target for sophisticated threat actors, including the North Korea-linked Lazarus Group. This webinar examines how nation-state attackers exploit developer ecosystems by distributing malicious code through widely used package repositories such as npm and PyPI. Gain insight into the tactics used in these supply chain attacks and learn practical strategies for mitigating your risk.

Featured Speakers

Bruce Mayhew

VP, Data Engineering, Sonatype

Garrett Calpouzos

Principal Security Researcher, Sonatype

How Lazarus Group Uses Open Source to Attack Developers

Featured Speakers

Bruce Mayhew

Garrett Calpouzos

Related Resources

The Evolution of Open Source Malware

Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer

Sonatype Discovers Two Malicious npm Packages