๐จ Careful out there! Threat actors are targeting developers and their tools.
This Jamf Threat Labs article shows the "Contagious Interview" - the use of malicious Visual Studio Code project files to open backdoors and enable remote code execution.
ARTICLE:
๐ https://lnkd.in/eRqeRE5p
๐น Bad people are hosting Git repositories that appear legitimate ("here is the interview assignment")
๐น When a developer opens the project and trusts it in VS Code, a tasks.json causes VS Code to executes commands.
๐น Those commands fetch obfuscated JavaScript payloads and silently install a persistent backdoor.
๐ The standard safeguard is to review repository contents and limit trust decisions.

