InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Techzine Europe

Invisible malware spread via VS Code extensions

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...