The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
InfoQ

Warper: Rust Powered React Virtualisation Library

Warper 7.2 is a cutting-edge open-source React virtualization library utilizing Rust and WebAssembly for unmatched performance. With zero-allocation hot paths and O(1) circular buffer operations, ...

JavaScript: React moves to its own foundation under the Linux Foundation

The JavaScript library is now under the umbrella of the Linux Foundation, a new foundation takes over ownership and will organize governance in the future.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...