{"id":19646,"date":"2026-03-23T18:09:00","date_gmt":"2026-03-23T18:09:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/"},"modified":"2026-03-23T18:09:00","modified_gmt":"2026-03-23T18:09:00","slug":"north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/","title":{"rendered":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that&#8217;s distributed via malicious Microsoft Visual Studio Code (VS Code) projects.<br \/>\nThe use of VS Code &#8220;tasks.json&#8221; to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks<a href=\"https:\/\/thehackernews.com\/2026\/03\/north-korean-hackers-abuse-vs-code-auto.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that&#8217;s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &#8220;tasks.json&#8221; to distribute malware is a relatively new tactic adopted by the threat actor since [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":19647,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-19646","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that&#039;s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &quot;tasks.json&quot; to distribute malware is a relatively new tactic adopted by the threat actor since\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that&#039;s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &quot;tasks.json&quot; to distribute malware is a relatively new tactic adopted by the threat actor since\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2026-03-23T18:09:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-03-23T18:09:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that&#039;s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &quot;tasks.json&quot; to distribute malware is a relatively new tactic adopted by the threat actor since\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/northkorean-g0DoiJ.jpg\",\"width\":900,\"height\":470},\"datePublished\":\"2026-03-23T18:09:00+00:00\",\"dateModified\":\"2026-03-23T18:09:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code \\\"tasks.json\\\" to distribute malware is a relatively new tactic adopted by the threat actor since\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/northkorean-g0DoiJ.jpg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":900,\"height\":470},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2026\\\/03\\\/23\\\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2026-03-23T18:09:00+00:00\",\"dateModified\":\"2026-03-23T18:09:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code \"tasks.json\" to distribute malware is a relatively new tactic adopted by the threat actor since","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#blogposting","name":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/03\/northkorean-g0DoiJ.jpg","width":900,"height":470},"datePublished":"2026-03-23T18:09:00+00:00","dateModified":"2026-03-23T18:09:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#listItem","name":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/","name":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code \"tasks.json\" to distribute malware is a relatively new tactic adopted by the threat actor since","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2026\/03\/northkorean-g0DoiJ.jpg","@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#mainImage","width":900,"height":470},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2026-03-23T18:09:00+00:00","dateModified":"2026-03-23T18:09:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &quot;tasks.json&quot; to distribute malware is a relatively new tactic adopted by the threat actor since","og:url":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/","article:published_time":"2026-03-23T18:09:00+00:00","article:modified_time":"2026-03-23T18:09:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code &quot;tasks.json&quot; to distribute malware is a relatively new tactic adopted by the threat actor since"},"aioseo_meta_data":{"post_id":"19646","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2026-03-23 19:59:40","updated":"2026-03-23 19:59:40","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tNorth Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2026\/03\/23\/north-korean-hackers-abuse-vs-code-auto-run-tasks-to-deploy-stoatwaffle-malware-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19646","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=19646"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/19646\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/19647"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=19646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=19646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=19646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}