My most useful Chrome extension was stealing my data for years

An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google ...
Wired

He Built the Definitive Epstein Database—and It Consumed His Life

In February, a user named EricKeller2 posted on Reddit. “I mapped every connection in the Epstein files,” he wrote. He had built a website and database of more than 1.5 million files related to the ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Visual Studio Magazine

Going Local (& a Bit Loco) with Open-Source AI in VS Code

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain ...
Que.com on MSN

Silicon Valley startup fixes buggy AI-generated code with new tools

AI coding assistants have moved from novelty to necessity in many engineering teams. From generating boilerplate functions to drafting unit ...
eWeek

Russian-Linked Phishing Campaign Targets Signal, WhatsApp Users

Dutch intelligence says Russian state hackers are targeting Signal and WhatsApp users through phishing, fake support messages, and device-linking scams.