IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...

In short: Every time you visit LinkedIn in a Chrome-based browser, a hidden JavaScript routine silently probes your browser for more than 6,000 installed extensions, collects 48 hardware and software ...

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.

JJ Wetherholt had one of his best nights in the big leagues so far on Tuesday. The St. Louis Cardinals phenom went 2-for-4 against the Cleveland Guardians with two homers, three RBIs, two runs scored, ...

Addition of China's .cn and Germany's .de marks a major milestone in simplifying global IP protection, says Tony Kirsch of the Brand Safety Alliance. When the Brand Safety Alliance (BSA) launched ...

Just hours left in the 2026 tax filing season — Tax Day ends at 11:59 p.m. Wednesday, April 15 — and so far, the IRS has received and processed over 99 million income tax returns as of the first week ...