Vercel | Breaking Cybersecurity News | The Hacker News

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines. "The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code execution," the Microsoft Defender Security Research Team said in a report published this week. The tech giant said the campaign is characterized by the use of multiple entry points that lead to the same outcome, where attacker-controlled JavaScript is retrieved at runtime and executed to facilitate command-and-control (C2). The attacks rely on the threat actors setting up fake repositories on trusted developer platforms like Bitbucket, using names like "Cryptan-Platform-MVP1" to trick developers looking for jobs into running as part of an assessment process. F...

Unknown threat actors have been observed weaponizing v0 , a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts. "This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts," Okta Threat Intelligence researchers Houssem Eddine Bordjiba and Paula De la Hoz said . v0 is an AI-powered offering from Vercel that allows users to create basic landing pages and full-stack apps using natural language prompts. The identity services provider said it has observed scammers using the technology to develop convincing replicas of login pages associated with multiple brands, including an unnamed customer of its own. Following responsible disclosure, Vercel has blocked access to these phishing sites. The threat actors behind the campaign have also been found to host other ...