GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
GitHub

A Krita plugin which automatically (visually) flips your canvas at the interval of your choice.

If you are a digital artist, flipping your canvas frequently is good practice for spotting anatomical and compositional errors which can otherwise go unnoticed due to sensory adaptation. Download the ...
GitHub

opencode-plugin

OpenCode port of Flow-Next: plan-first workflows, Ralph autonomous mode (overnight coding with fresh context), multi-model review gates via Codex, re-anchoring to prevent drift, receipt-based gating.