The North Korean threat actors behind the Contagious Interview
campaign, also tracked as WaterPlum, have been attributed to a
malware family tracked as StoatWaffle that's distributed via
malicious Microsoft Visual Studio Code (VS Code) projects. The use
of VS Code "tasks.json" to distribute malware is a relatively new
tactic adopted by the threat actor since December 2025, with the
attacks
Read more https://thehackernews.com/2026/03/north-korean-hackers-abuse-vs-code-auto.html
