TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

By rooter

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects.
The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Trivy Supply Chain Attack Targets CI/CD Secrets

rooter
Cyber Security

CISOs Debate Human Role in AI-Powered Security

rooter
Cyber Security

Rethinking Song Creation Through Language Driven Systems

rooter

Leave a Reply

You Missed

News

QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025

News

CISOs Debate Human Role in AI-Powered Security

News

Mark Zuckerberg Is Building an AI CEO. Will He Lay Himself Off?

News

The Next PlayStation May Rely on AI More Than Any Console Before Before It