Multiple SAP npm packages were compromised in a supply chain attack designed to steal developer credentials and tokens.

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...

A new statewide startup accelerator program backed by Florida's most influential business leaders is taking shape with Tampa ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

More than $17 million in state funding will target freight flow and congestion around Dayton International Airport to improve ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

After Sugar Hill’s Coffin Pond was drained in March following the state’s removal of a failing decades-old dam, new strides ...

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert to provide guidance in response to the ...