Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

North Korean hackers target Microsoft Virtual Studio Code

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
Maison et Domotique

HA-Animated-cards: The Home Assistant Tweak that Changes Everything (Without Heavy JavaScript)

HA-Animated-cards brings elegant and “smart” animations to your Mushroom cards in Home Assistant, without heavy custom card: ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
The Hacker News

Why Secrets in JavaScript Bundles are Still Being Missed

Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, revealing major gaps in traditional SAST, DAST, and ...
Cybernews

Warning: cybercriminals are using blockchain smart contracts to evade takedowns

Researchers at cybersecurity company Group-IB found that DeadLock, a ransomware family discovered in July 2025, is now using smart contracts, or self-executing programs, on the popular Polygon (POL) ...
GitHub

TYPO3 CMS Content Blocks

This is the standalone repository for the TYPO3 Content Blocks project. Content Blocks provides a new API to create custom Content Types like Content Elements, Page Types or generic Record Types. Use ...