The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
CoinDesk

IoTeX offers cross-bridge hackers 10% bounty if they return $4.4 million within 48 hours

A private key compromise drained millions from IoTeX’s ioTube bridge, with analysts disputing total losses and warning recovery via THORChain may prove difficult.