Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...
The BMJ

Adherence to legislation and recommendations to publicly post protocols and results of post-authorisation studies registered with European Medicines Agency: cross sectional study

Objective To assess whether post-authorisation studies registered with the European Medicines Agency (EMA) adhere to legislation and recommendations to publicly post study protocols and results.
The New York Times

Book Review

In a new book, the biographer Justine Picardie romps through a century of royal wardrobes. By Eva Wolchover Considered an “author’s publisher” at Random House and then Penguin, she cultivated the ...