InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
ADTmag

Apache Geode returns with 2.0 modernization push, moves to Java 17 and Jakarta EE 10

Apache Geode has been revived after a near shutdown. Geode 2.0 is positioned as a modernization reset, not a minor upgrade.