The Register on MSN
Crims poison 150K+ npm packages with token-farming malware
Amazon spilled the TEA Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the ...
A year of escalating social-engineering attacks has produced one of the most efficient infection chains observed to date. Known as ClickFix, this method requires only that ...
Keeper's zero-trust and zero-knowledge extension gives developers the power to code securely without leaving their workflow. CHICAGO, Nov. 13, 2025 /PRNewswire/ -- Keeper Security ...
With AI phishing attacks rising 1,760% and achieving a 60% success rate, learn how attackers use AI, deepfakes and automation — and discover proven, multi-layered defense strategies to protect your ...
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...
The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...
Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback