Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

For over 5 years, Arthur has been professionally covering video games, writing guides and walkthroughs. His passion for video games began at age 10 in 2010 when he first played Gothic, an immersive ...

A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader. The GlassWorm malware has appeared on the Open VSX marketplace again, after a ...

Two malicious VS Code extensions (1.5M installs) secretly exfiltrate source files to a China-based server, while PackageGate zero-days affect JavaScript package managers—pnpm, vlt and Bun patched; npm ...