Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Dark Reading

County Pays $600K to Wrongfully Jailed Pen Testers

Seven years after they were arrested for doing their jobs as penetration testers, two white hat hackers have earned a $600,000 settlement in Dallas County, Iowa. Just after midnight on Sep. 11, 2019, ...
ESPN

What did we learn at F1 testing? Analysis, news from Barcelona

Formula 1 and its 11 teams kept the first test -- or what they called a Shakedown -- in Barcelona as private as possible, but that doesn't mean ESPN's analysis dried up. Looking into the new cars, who ...
Ars Technica

County pays $600,000 to pentesters it arrested for assessing courthouse security

Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging ...