A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...

Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident showing a multi-stage path from marketplace install to credential theft and full ...

Malicious Visual Studio Code extensions disguised as dark themes and AI assistants infect developers with infostealing ...

Project retires 32-bit ports, embraces pkgbase, and modernizes build process The latest release of FreeBSD contains a lot of crucial under-the-hood changes – and drops 32-bit support on both x86 and ...

Learn how the ShadyPanda campaign turned trusted browser extensions into spyware and the steps security teams can take to ...

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...

If you spend most of your waking hours glued to your computer, you're probably always on the hunt for better ways to work. That can mean using tools to capture and save information quickly, setting up ...

Beyond part one’s exposure of affiliate revenue hijacking, MegaLag digs into Honey’s “extortion” by adding limited-use “friends and family” type discounts and lying to the store owners about never ...

Struggling with MCP authentication? The November 2025 spec just changed everything. CIMD replaces DCR's complexity with a ...

A malicious extension campaign hit 4.3M users. See how ShadyPanda worked and the steps you should take to protect your ...