SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

OpenAI's Codex just got its own Mac app - and anyone can try it for free now

Switching between IDE, terminal, and app keeps context across tools.
The Hacker News

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...
GitHub

LLM Local Assistant - VS Code Extension

A powerful VS Code extension that brings autonomous AI agent capabilities to your local machine. Break down complex tasks into structured multi-step plans, execute them automatically, and stay in ...
River Journal Online

Which One Wins for Developers: Gemini or ChatGPT

By Karyna Naminas, CEO of Label Your Data Choosing the right AI assistant can save you hours of debugging, documentation, and boilerplate coding. But when it comes to Gemini vs […] ...
ET CIO

7 Best AI Code Review Tools for DevOps Teams in 2026

Discover the leading AI code review tools reshaping DevOps practices in 2026, enhancing code quality, security, and team productivity with automated solutions.
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Malicious Chrome Extensions found on Web Store, Over 1 lakh users at risk: Remove now

Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...