A “coordinated developer-targeting campaign” is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines.”The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/02/fake-nextjs-repos-target-developers.html
