A "coordinated developer-targeting campaign" is using
malicious repositories disguised as legitimate Next.js projects and
technical assessments to trick victims into executing them and
establish persistent access to compromised machines. "The activity
aligns with a broader cluster of threats that use job-themed lures
to blend into routine developer workflows and increase the
likelihood of code
Read more https://thehackernews.com/2026/02/fake-nextjs-repos-target-developers.html
