Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

New Android malware uses AI to click on hidden browser ads

A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

North Korean hackers target Microsoft Virtual Studio Code

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft ...

I used Claude Code to vibe-code an Apple Watch app in just 12 hours - instead of 2 months

But using Claude Code, I worked on the Watch app over the course of about 12 hours in actual time, spread out over about three weeks. I was excited to see an actual app in the first two hours and ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...