Security Boulevard

Why Financial Services Leaders Are Re-Evaluating Open Source for Database Change Management

OSS can be too risky for banks and FinTechs working to meet security, governance, and compliance demands. Know the risks.
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...