Golden Finance reported that the Socket research team discovered in a new attack that North Korean hacker group Lazarus was linked to six new malicious npm packages that attempted to deploy backdoors to steal user credentials. In addition, these malware can extract cryptocurrency data and steal sensitive information from Solana and Exodus encrypted wallets. The attacks mainly target Google Chrome, Brave and Firefox browser files and macOS keychain data, specifically tricking developers into installing these malware packages by accident.