The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
Visual Studio Magazine

How I Built a 'Journalist' AI Agent in VS Code to Replace Me

Having long ago seen the handwriting on the wall for the journalism profession with the debut of GenAI, I decided to just cut to the chase and build my replacement now.
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
ADTmag

Open VSX Hits 300 Million Monthly Downloads, and the Quiet Infrastructure Behind AI Coding Tools Gets a Stress Test

In the AI developer boom, some of the most important battlegrounds are not glamorous models or splashy chatbots. They are the quiet pipes that keep modern coding tools fed and up to date.