The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

All of the execution paths identified by its research team are designed to trigger during the Next.js devs' normal working ...