The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
GitHub

Constellation DX Components UI Gallery

Constellation's flexible architecture empowers advanced users (professional front-end developers with ReactJS and web technology expertise) to extend the platform. You can achieve this by ...
GitHub

snyk-labs/snyk-tags-tool

snyk-tags tag is a CLI tool that uses the Snyk Project Tag API to assign tags in bulk to Snyk projects based on the product. snyk-tags tag will update all projects of the specified product within a ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...