Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it propagates through the Open VSX registry. "Instead of ...
GitHub

GitHub App Authentication Extension

Use this when you want to act as yourself rather than a GitHub App, while keeping tokens in the OS keyring. PATs support the same pattern routing as apps. When both an app and a PAT match the same ...
Hosted on MSN

Testing INH Hair Extensions Review and Tutorial

💇‍♀️ Testing INH hair extensions—full review plus styling tutorial included! #HairExtensions #INHReview #BeautyTutorial Here's what an Epstein files vote in the House could look like Off-duty pilot ...
cryptopolitan

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...
The Hacker News

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms

Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools ...
GitHub

Submodule git submodule update --recursive doesn't work

Submodule git submodule update --recursive doesn't work #117 New issue Open mojadita ...