The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Windows Report

Microsoft Details Roadmap for Visual Studio, Featuring New Agents and GPT-5 Codex

Microsoft’s November Visual Studio roadmap highlights new AI agents, GPT-5 Codex integration, and improved MCP governance.

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.

Fake Solidity VSCode extension on Open VSX backdoors developers

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel ...

Ai2 Launches OlmoEarth: State of the Art Foundation Models and Open Infrastructure to Tackle the Planet's Biggest Problems

Ai2 (The Allen Institute for AI) today announced the OlmoEarth Platform, the first open, end-to-end solution that transforms ...

What is vibe coding? Plus 7 AI coding tools to get started right away.

Okay, but what is vibe coding, really? Stop nodding and smiling every time you hear this phrase and get started with AI vibe ...