Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

Anyapk: Install any APK on the device you own

Bypass Google And Install Any APK You Want On The Device You Own. anyapk is a lightweight Android application installer that bypasses Google's developer verification ...
Infosecurity Magazine

Android Malware Hijacks Google Gemini to Stay Hidden

A new Android malware implant using Google Gemini to perform persistence tasks was discovered on VirusTotal and analyzed by ESET ...
MUO on MSN

This open-source app is the only way to stay on the cutting edge of Android

If you sideload apps on Android, this is one tool you shouldn’t live without.
GitHub

copy/extract/patch android apk signatures & compare apks

Compare two APKs by copying the signature from the first to a copy of the second and checking if the resulting APK verifies. This command requires apksigner. The motivation behind the Reproducible ...