The Register on MSN

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Infosecurity-magazine.com

Malicious JavaScript Loader is a Multi-RAT Dispenser

Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns. A team at HP Wolf named the tool “RATDispenser,” and ...