The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...
Cryptopolitan on MSN

Hacker target the OpenVSX ecosystem to steal crypto wallets

GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Don’t Click That Link: How Hackers Used Robinhood’s Own Systems to Fool and Target Customers

A flaw in the online trading platform’s account creation process allowed attackers to send convincing phishing emails.

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
CIO

SAS makes AI governance the centerpiece of its agent strategy

New tools promise centralized oversight of models, agents, and data as enterprises turn trust into a competitive advantage.

100 genius organising tricks to declutter your home

Home organisation and design experts share the best tricks to cut down on clutter around the home. Here’s how to be strategic ...