The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
The Register on MSN

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
How-To Geek on MSN

5 underrated open-source dev tools that will supercharge your workflow

Bruno, Fx, ActivityWatch, DDEV, and TLDR Pages are all dev tools that you should try out because they're much better than ...

Wright State tapped for U.S. Space Command academic engagement program

Students and faculty at one of the region’s largest universities will gain hands-on experience through a selective U.S. Space Command collaboration. Here's what the work will entail. #dayton #wrightst ...
InfoWorld

Working with the Windows App Development CLI

Microsoft is previewing an open-source command-line tool designed to speed up Windows application development, testing, and delivery.

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
Military Times

Senate approves Donovan as US Southern Command head

Lt. Gen. Francis Donovan speaks during a visit to Naval Special Warfare Group 1 in San Diego, California, Feb. 11, 2025. (MC2 David Rowe/U.S. Navy) Editor’s note: This report has been updated to ...