Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Attackers are targeting developers with malicious Next.js repositories to perform remote code execution (RCE) and establish a persistent command-and-control (C2) channel on infected machines in a ...

Attack on Next.js manufacturer Vercel: customer data exfiltrated

Vercel's internal systems and customer data were compromised in a security incident. An external AI tool served as the entry ...