Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Cloudflare experiment ports most of Next.js API 'in one week' with AI

A Cloudflare engineer says he has implemented 94 percent of the Next.js API by directing Anthropic's Claude, spending about $1,100 on tokens. The purpose of the experimental project was not to show ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Android malware taps Gemini to navigate infected devices

Android malware usually relies on taps, coordinates, and UI selectors to execute tasks, but these have a tendency to break when running on different devices, which makes the use of Gemini a clever way ...