Security News North Korean XORIndex malware hidden in 67 malicious npm packages BleepingComputer Daniel Bender Jul 15, 2025 North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems.