TECHNOLOGYglobal

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

Single source

Updated 2 hours ago

First seen March 23, 2026 21:21:11

Stay on top of this story

Follow the names and topics behind it.

Add this story's key topics to your watchlist so LyscoNews can highlight related developments and future matches.

Create free account

Create a free account to sync your watchlist, saved stories, and alerts across devices.

Quick Summary

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code "tasks.json" to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks

Perspective lens

Deeper Analysis

All coverage links (1)

The Hacker NewsRegional / Local

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

5 hours ago