DigiNews

Summary

Security researcher Roman Imankulov reveals a backdoor embedded in a LinkedIn recruiter outreach and a Node.js project, triggered automatically when dependencies are installed. The post documents social-engineering and identity impersonation tactics used to lure the target and demonstrates how a read-only code review can catch the payload quickly. It ends with practical takeaways on paranoid verification, sandboxed reviews, and reporting suspicious repos.