Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Attackers are targeting developers with malicious Next.js repositories to perform remote code execution (RCE) and establish a ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...