Exposed DPRK reference malware and logs
ID: c2cd1bc1-b493-51d2-b48c-8125fe4b908f
STIX ID: report--c2cd1bc1-b493-51d2-b48c-8125fe4b908f
Feed Name: KMsec blog
The author documents two accidental exposures by FAMOUS CHOLLIMA: an exposed JavaScript development sample (ordinary.txt) found in multiple npm packages that reveals testing practices and local payload server usage, and an err.log file from a malicious package showing a Windows username (dvant) and local file paths. These findings highlight a supply-chain malware campaign distributing obfuscated postinstall payloads via npm and reveal operator OPSEC failures useful for detection and attribution.
