Developer-targeting campaign using malicious Next.js repositories