The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
The Hacker News

⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Weekly cybersecurity recap covering emerging threats, fast-moving attacks, critical flaws, and key security developments you ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...