CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
CSO Online

More fake extensions linked to GlassWorm found in Open VSX code marketplace

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
Analytics Insight

How HTML to PDF APIs are Replacing Legacy Document Generation Tools in 2026

The tools businesses relied on for large-scale document generation over the past two decades are starting to lose ground, and ...
The Hacker News

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

LofyGang resurfaces with LofyStealer disguised as Minecraft hack, exfiltrating IBANs and passwords to 24.152.36[.]241, ...
XDA Developers on MSN

I switched from VS Code's marketplace to Open VSX, and Microsoft's is the one falling behind

Truly open-source marketplace you can use with VSCodium.

D4vd Bought Chain Saws to Dispose of Teenager’s Body, Prosecutors Say

In a legal filing, prosecutors outlined for the first time how they say the singer murdered and dismembered Celeste Rivas ...
WinBuzzer

VS Code Now Stamps GitHub Copilot as Git Commit Co-Author

Visual Studio Code 1.118 now stamps a Copilot co-author trailer on Git commits by default after PR #310226 flipped ...