North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
GitHub

dabeaz-course/python-mastery: Advanced Python Mastery (course by @dabeaz)

An exercise-driven course on Advanced Python Programming that was battle-tested several hundred times on the corporate-training circuit for more than a decade. Written by David Beazley, author of the ...
GitHub

AgentRun: Run AI Generated Code Safely

AgentRun is a Python library that makes it easy to run Python code safely from large language models (LLMs) with a single line of code. Built on top of the Docker Python SDK and RestrictedPython, it ...
Wired

How Claude Code Is Reshaping Software—and Anthropic

Engineers in Silicon Valley have been raving about Anthropic’s AI coding tool, Claude Code, for months. But recently, the buzz feels as if it’s reached a fever pitch. Earlier this week, I sat down ...
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

The North Korean threat actors behind the Contagious Interview campaign are employing a new mechanism that uses Microsoft Visual Studio Code to deliver a previously unseen backdoor that enables remote ...