A developer received a LinkedIn message from a recruiter with a job offer and a request to review a GitHub repository. The developer discovered a backdoor in the repository that could execute arbitrary code on the reviewer's machine. The backdoor was disguised as a test suite and was triggered by running npm install. The developer reported the repository to GitHub and the recruiter to LinkedIn.