The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.

Ai2 Launches OlmoEarth: State of the Art Foundation Models and Open Infrastructure to Tackle the Planet's Biggest Problems

Ai2 (The Allen Institute for AI) today announced the OlmoEarth Platform, the first open, end-to-end solution that transforms ...
CNET

Sora 2 App Is Open to All in the US and Others ... No Invite Code Required

The wait is over for anyone in the US, Canada, Japan and South Korea who couldn't get their hands on an invite code to OpenAI's viral Sora 2 app. Katelyn is a writer with CNET covering artificial ...