North-Korea
- WaterPlum's VS Code Trap: How Opening a Folder Deploys a RAT
North Korean threat group WaterPlum is distributing StoatWaffle malware via malicious VS Code projects that auto-execute on folder open. Fake developer job interviews deliver the payload -- no click required once you open the repo.