North Korean Hackers Weaponize VS Code Projects

North Korean threat actors are using phishing campaigns that target developers with fake job recruitment and code review emails. The attacks trick victims into opening malicious GitHub repositories in VS Code, triggering malware execution via the "runOn: folderOpen" technique. Over 250 emails targeted nearly 100 organizations, with more than 75% in the U.S.