Cryptopolitan

Hackers plant 73 sleeper extensions in OpenVSX to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.

Inside Hermes : the OpenSource AI That Automatically Generates Its Own Skills

Learn how to install and use Hermes Agent to automate complex tasks, benchmark AI models like GPT 5.5, and run iterative ...
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
XDA Developers on MSN

I stopped switching to a terminal to run scripts once I found VS Code's task runner

The hidden VS Code tool has replaced the terminal for me.
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

TypeScript 7.0 Beta: New Go Backend Accelerates Programming Language

The new version of the programming language with a Go backend is said to be ten times faster than its predecessor, which used ...