APT group (who maybe based in China or speak native Chinese), working at request of North Korea DPRK, used Chrome 0day exploit and backdoor'd visual studio projects to hack security researchers and steal their warez. Be careful when clicking on blog links or security research related materials, ideally use a VM or separate host for social interactions. The attackers were active in the community for almost a year before they were detected and hacked prominent researchers.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!