The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
GitHub

SuperHTML VSCode LSP

IMPORTANT: disable the builtin VSCode HTML extension! Due to a bug in VSCode's builtin HTML extension, SuperHTML cannot disable wrong end tag suggestions from VSCode automatically. You can still ...
GitHub

Arduino CLI Wrapper (VS Code Extension)

VS Code extension to run Arduino CLI from the command palette, status bar, and an Explorer view. It streams colored logs to a pseudo terminal, supports sketch.yaml profiles, and updates IntelliSense ...