Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
GitHub

Open-source clone of v0.app with AI-powered React component generation

v0.diy is a self-hosted, open-source alternative to v0.app that transforms natural language descriptions into production-ready React components. Built with the latest web technologies and designed for ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...