VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

The researchers are calling the threat actor WhiteCobra.
CSO Online

Warning: Hackers have inserted credential-stealing code into some npm libraries

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel self-replicating credential-stealing code in yet another wave of a supply chain ...
Visual Studio Magazine

VS Code Update Helps Devs Select, Contribute AI Models

Microsoft released Visual Studio Code 1.104, adding Auto model selection and support for contributed language models in chat, alongside security, productivity, and Model Context Protocol (MCP) ...
The Hacker News

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

Your weekly strategic brief on the cyber threat landscape. Uncover the deeper patterns behind attacks, from bootkit malware ...