#developer-targeting

[ follow ]
#supply-chain-attack #nextjs-security #malware-campaign #remote-code-execution #malware-distribution
Information security
fromBleepingComputer
12 hours ago

Fake Next.js job interview tests backdoor developer's devices

Attackers deploy malicious Next.js repositories targeting developers through job-themed lures, using multiple execution triggers to achieve remote code execution and data exfiltration.
Information security
fromTheregister
21 hours ago

Next.js jobseekers targeted with malicious 'interview' repos

Hackers distribute malicious Next.js repositories that execute in-memory JavaScript on developers' machines through multiple attack vectors during normal development workflows.
fromInfoWorld
3 months ago

North Korea's 'Job Test' trap upgrades to JSON malware dropboxes

The final payload (BeaverTail) showed previously seen capabilities, including "usage of Axioms as embedded HTTP client, enumeration and exfiltration of system information, searching browser profiles and extension directories for sensitive data, and searching for and exfiltrating Word documents, PDF files, screenshots, secret files, files containing environment variables, and other sensitive files such as the logged-in user's Keychain".
Information security
[ Load more ]