Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

What makes Codex useful for building websites is that it can install software packages, run a local preview server, track ...

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...