GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Hosted on MSN

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Researchers found 24 malicious extensions in Visual Studio Marketplace and Open VSX Registry deploying Lumma Stealer and other malware The attack targeted cryptocurrency holders and developers, with ...
How-To Geek on MSN

10 VS Code extensions I can't live without

Try these extensions and you'll wonder how you ever lived without them!
Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
NPR

Trump grants Iran another extension on a deadline to reopen the Strait of Hormuz

The war in the Middle East ramped up on Thursday as Israel launched a wave of strikes targeting Iranian infrastructure in the central city of Isfahan, and said it killed the head of the Iranian ...