CSOonline

North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes

North Korea-linked Contagious Interview campaign is now luring developers with trojanized coding tasks and pulling obfuscated payloads from public JSON-storage services like JSON Keeper, JSONSilo, and ...
Hosted on MSN

JSON services hijacked by North Korean hackers to send out malware

Lazarus Group used JSON storage services to host malware in the Contagious Interview campaign targeting developers Attackers lured victims via fake LinkedIn job offers, delivering BeaverTail, ...
The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.