The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
Infosecurity Magazine

Malicious VS Code Extensions Deploy Advanced Infostealer

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data ...
SecurityWeek

Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Microsoft has released patches for 57 vulnerabilities, including a Windows zero-day flaw exploited in attacks.

Windows PowerShell now warns when running Invoke-WebRequest scripts

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web ...

Microsoft releases Windows 10 KB5071546 extended security update

Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three ...
Developer Tech

Malware campaign uses VS Code extensions for A/B testing

A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions.
The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...

Empromptu raises $2M pre-seed to help enterprises build AI apps

Empromptu claims all a user has to do is tell the platform's AI chatbot what they want — like a new HTML or JavaScript app — ...