<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Nodejs on Sachin Chavan</title>
    <link>https://sachinsmc.me/blog/tags/nodejs/</link>
    <description>Recent content in Nodejs on Sachin Chavan</description>
    <generator>Hugo</generator>
    <language>en-us</language>
    <lastBuildDate>Mon, 22 Jun 2026 12:00:00 +0400</lastBuildDate>
    <atom:link href="https://sachinsmc.me/blog/tags/nodejs/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>A Fake Web3 Job Sent Me a &#39;Test Project&#39;. It Was a Remote-Access Backdoor</title>
      <link>https://sachinsmc.me/blog/posts/fake-web3-job-rce-malware/</link>
      <pubDate>Mon, 22 Jun 2026 12:00:00 +0400</pubDate>
      <guid>https://sachinsmc.me/blog/posts/fake-web3-job-rce-malware/</guid>
      <description>A LinkedIn &amp;lsquo;investor&amp;rsquo; offered me a $70-120/hr Web3 job and sent a &amp;lsquo;skill assessment&amp;rsquo; repo with a 2-3 hour deadline. The moment its server boots, it fetches code from an attacker&amp;rsquo;s machine and runs it with full Node.js privileges. I recognized the trap, told him I&amp;rsquo;d run it (I hadn&amp;rsquo;t), and handed him back his own command-and-control link. Here is the full teardown.</description>
    </item>
  </channel>
</rss>
