Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

UGA President’s House hotel redevelopment project tabled by developers

The Gainesville-based development team behind the proposed adaptive reuse of the UGA President's House has requested to table ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Palatka Motorsports Park developers seek environmental permit

Scott Lagasse Jr., left, and Scott Lagasse go over information with driver Thad Moffitt. The project, which involves more ...

Microsoft Virtual Studio Code is being targeted by North Korean hackers

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
InfoWorld

jQuery 4.0.0 JavaScript library features trusted types

The first major update in nearly 10 years, jQuery 4.0.0 follows a long development cycle and several pre-releases.
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...