Field Analysis
The Recruiting Repo Is the Payload
A fake recruiter asking a candidate to review an MVP repo shows why unsolicited source code is not a document. It is an executable threat surface with access to developer secrets.
Tag
#Developer Security
4 articles covering Developer Security across campaign analysis, detection engineering, and defender tradecraft.
Coverage
4 entriesField Analysis
TrapDoor's Cross-Ecosystem Campaign Adds AI-Assistant Poisoning to Supply-Chain Tradecraft
Socket attributes a coordinated supply-chain campaign called TrapDoor to roughly thirty-four packages across npm, PyPI, and Crates.io, with ecosystem-specific execution paths and a new twist: planted .cursorrules and CLAUDE.md files designed to influence the developer's AI coding assistant.
Read more:SocketThe Hacker News
Field Analysis
npm Staged Publishing Moves Package Security Toward Human-Gated Release
GitHub's staged publishing and new npm install-source controls give maintainers practical ways to slow compromised CI/CD paths before a malicious package becomes installable.
Read more:GitHub ChangelogCISA
Field Analysis
Developer Tooling Compromise Turns Trusted Packages Into Phishing Surface
Recent package compromises show how developer trust can be abused to harvest credentials and seed downstream phishing risk.
Read more:BleepingComputerCISA