TechRadar

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Lazarus Group evolving Operation Dream Job campaign to target Web3 developers New “Graphalgo” variant uses malicious dependencies in legitimate bare-bone projects on PyPI/npm ReversingLabs found ~200 ...
Bleeping Computer

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an ...