Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

A supply chain attack campaign is spreading invisible malicious code across GitHub, npm, and the VS Code extension marketplace, with more than 151 compromised repositories identified so far. According ...

Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...

Microsoft is speeding up the delivery of its Visual Studio Code updates. Since last summer, the company has been making monthly releases, each with three or four patches and new functionality, but ...

AI coding agents are reshaping how developers write, debug, and maintain software in 2026. The debate around Claude Code vs ChatGPT Codex highlights two distinct philosophies: local-first reasoning ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader. The GlassWorm malware has appeared on the Open VSX marketplace again, after a ...