Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

jQuery <--> C++ JSON communication

C++ Header-only event driven communication between jQuery in a web-browser via the nginx web-server. This can implement, for example, a RESTful API for fast sensor data transfer. This was developed ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...
GitHub

ESLint JSON Language Plugin

This package contains a plugin that allows you to natively lint JSON, JSONC, and JSON5 files using ESLint. Important: This plugin requires ESLint v9.15.0 or higher and you must be using the new ...