Popular Development Framework Neutralinojs Compromised In DPRK Attack
Contents
Popular Development Framework Neutralinojs Compromised In DPRK Attack
The popular Neutralinojs framework was compromised in early March by DPRK threat actors as part of a larger attack that utilizes stolen GitHub credentials to force-push backdated malicious commits
6mile
March 6, 2026
20 min read
development-framework
neutralinojs
github
lazarus
dprk
supply-chain
infostealer
contagious-interview
shai-hulud
Neutralinojs Logo
The OpenSourceMalware team has identified a new attack on the popular development framework Neutralinojs. Neutralinojs is a platform that lets developers build lightweight cross-platform desktop applications using JavaScript, HTML and CSS. The project has 8400 stars on GitHub, 488 forks and dozens of contributers. The OSM team immediately removed the malicious code with a GitHub pull request and disclosed the attack to the Neutralinojs maintainers. We are working closely with the maintainers to provide threat intelligence and incident response assistance.
Summary
Four repositories belonging to the Neutralinojs GitHub organization -- a popular cross-platform desktop application framework with over 9,000 combined stars and 500+ forks -- have been compromised with malicious JavaScript payloads. …
The popular Neutralinojs framework was compromised in early March by DPRK threat actors as part of a larger attack that utilizes stolen GitHub credentials to force-push backdated malicious commits
6mile
March 6, 2026
20 min read
development-framework
neutralinojs
github
lazarus
dprk
supply-chain
infostealer
contagious-interview
shai-hulud
Neutralinojs Logo
The OpenSourceMalware team has identified a new attack on the popular development framework Neutralinojs. Neutralinojs is a platform that lets developers build lightweight cross-platform desktop applications using JavaScript, HTML and CSS. The project has 8400 stars on GitHub, 488 forks and dozens of contributers. The OSM team immediately removed the malicious code with a GitHub pull request and disclosed the attack to the Neutralinojs maintainers. We are working closely with the maintainers to provide threat intelligence and incident response assistance.
Summary
Four repositories belonging to the Neutralinojs GitHub organization -- a popular cross-platform desktop application framework with over 9,000 combined stars and 500+ forks -- have been compromised with malicious JavaScript payloads. …