GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
Microsoft

Running OpenClaw safely: identity, isolation, and runtime risk

Self-hosted agent runtimes like OpenClaw are showing up fast in enterprise pilots, and they introduce a blunt reality: OpenClaw includes limited built-in security controls. The runtime can ingest ...
InfoQ

VillageSQL Launches as an Extension-Focused MySQL Fork

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
winbuzzer.com

Malicious VS Code Extensions Steal Code from 1.5M Developers

Security researchers revealed two malicious VS Code extensions exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million developers to servers in China while masquerading as AI ...
Forbes

New Domain Extensions In 2026: What Entrepreneurs Should Know About Owning A Piece Of The Internet

It's possible to own a slice of the internet and rent it out, almost like property. Surprising? Consider .xyz: When Google reorganized into Alphabet in 2015, it launched its site abc.xyz. Overnight, ...
InfoWorld

What is the future for MySQL?

In May of 2025, MySQL celebrated its 30th anniversary. Not many technology projects go strong for three decades, let alone at the level of use that MySQL enjoys. MySQL is listed at #2 on the ...
IEEE

Protect Your Secrets: Understanding and Measuring Data Exposure in VSCode Extensions

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...
SecurityWeek

GhostPoster Firefox Extensions Hide Malware in Icons

The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA. Koi Security has identified a malicious campaign targeting Firefox users ...
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code ...
TechSpot

Popular Chrome and Edge extensions go rogue, infecting over 4 million devices with spyware

A hot potato: Cybersecurity researchers have uncovered a sophisticated malware campaign that infected millions of computers via browser extensions on the Chrome Web Store and Microsoft Edge add-ons ...