The Hacker News

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...
InfoWorld

Intro to Hotwire: HTML over the wire

This concept isn’t new—in fact, it is the essence of representational state transfer (REST). Instead of converting to a ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
Visual Studio Magazine

Threat Actors Keep Weaponizing VS Code Extensions

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.
The Hacker News

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
CSOonline

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...
techworm.net

Malicious VS Code Extensions Exploit Marketplace Loophole

Cybersecurity researchers have uncovered a loophole in Microsoft’s Visual Studio Code (VS Code) Marketplace that enables attackers to reuse deleted extension names, potentially allowing malware to ...
PC World

How to view the HTML code of emails in the new Outlook app

In previous versions of Microsoft Outlook (the classic app), you could view the HTML code of an email by opening the email, right-clicking on it, and selecting “View source” from the context menu.