InfoWorld

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
Windows Report

Visual Studio Code Update Adds Remote Copilot Control and Enterprise AI Restrictions

VS Code 1.118 adds remote Copilot control, enterprise AI restrictions, and smarter caching while improving developer ...

AWS brings OpenAI’s AI models and Codex programming assistant to its cloud

OpenAI Group PBC’s large language models available on its cloud platform. The algorithms are accessible through Amazon ...
Cryptopolitan

Hackers plant 73 sleeper extensions in OpenVSX to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.