InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
Neowin

Microsoft aims to reduce dependency on OpenAI, as it pushes for "AI self-sufficiency"

Microsoft is looking to significantly reduce its dependency on OpenAI, said the company’s AI chief, Mustafa Suleyman. In a recent interview with the Financial Times, Suleymain stated the company is ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Marketing

When Starbucks Jumps from Coffee to Ice Cream: Extend Your Brand Beyond the Original Product

It seems that everywhere we look these days we see brand extensions. Jim Beam's name is now on barbecue sauce, Dannon is selling Dannon water. The Sony name is on everything from Playstations to ...