The North Korean threat actor Famous Chollima compromised a Packagist package to target PHP developers, using it as a supply chain attack vector to deliver malware. The article does not provide a CVSS score, specific affected version ranges, a fixed version, or a recommended workaround.
2026-05-31 (Back to Inventory) Famous Chollima Targets PHP Developers Through Compromised Packagist Package Author(s): Kirill Boychenko Organization: Socket js.jadesnow Open article directly Open article on Archive.org Related Articles 2025-10-10 ⋅ Socket ⋅ Kirill Boychenko North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads BeaverTail InvisibleFerret 2025-07-14 ⋅ Socket ⋅ Kirill Boychenko Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader BeaverTail InvisibleFerret 2025-06-24 ⋅ Socket ⋅ Socket Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages BeaverTail InvisibleFerret