#nextjs-security

[ follow ]
#supply-chain-attack #developer-targeting #malware-campaign #remote-code-execution #malware-distribution
Information security
fromBleepingComputer
12 hours ago

Fake Next.js job interview tests backdoor developer's devices

Attackers deploy malicious Next.js repositories targeting developers through job-themed lures, using multiple execution triggers to achieve remote code execution and data exfiltration.
Information security
fromTheregister
21 hours ago

Next.js jobseekers targeted with malicious 'interview' repos

Hackers distribute malicious Next.js repositories that execute in-memory JavaScript on developers' machines through multiple attack vectors during normal development workflows.
[ Load more ]