Post #8492

⚠️ Microsoft says fake Next.js job repos are being used to gain persistent access to developer machines. Opening a VS Code project or running npm run dev can trigger hidden loaders that pull JavaScript into memory, profile the host, and connect to C2. GitLab banned 131 linked accounts and tracked heavy abuse of Vercel. 🔗 Read → https://thehackernews.com/2026/02/fake-nextjs-repos-target-developers.html