Fake Solidity VSCode extension on Open VSX backdoors developers

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel ...

Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...
CSO Online

OpenAI launches Aardvark to detect and patch hidden bugs in code

Currently in private beta, the GPT-5-powered security agent scans, reasons, and patches software like a real researcher, ...
SecurityWeek

Open VSX Downplays Impact From GlassWorm Campaign

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense. The GlassWorm campaign that infected VS Code extensions in the Open VSX marketplace ...
CSO Online

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
GamesRadar+

Whiteout Survival codes (November 2025) for free resources

October 31, 2025: We searched for new Whiteout Survival codes, and added a fresh promo to our list. Whiteout Survival codes are really useful if you can find them, because they'll help you to build up ...