Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Cloudflare experiment ports most of Next.js API 'in one week' with AI

A Cloudflare engineer says he has implemented 94 percent of the Next.js API by directing Anthropic's Claude, spending about $1,100 on tokens. The purpose of the experimental project was not to show ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Android malware taps Gemini to navigate infected devices

Android malware usually relies on taps, coordinates, and UI selectors to execute tasks, but these have a tendency to break when running on different devices, which makes the use of Gemini a clever way ...

Are you using an AI-generated password? It might be time to change it

AI cybersecurity firm Irregular's research, verified by Sky News, found ChatGPT, Claude, and Gemini all produced highly predictable passwords, with repeated and predictable patterns.