The researchers initially discovered DarkSpectre while investigating ShadyPanda, a campaign based on popular Chrome and Edge extensions that infected over four million devices. Further analysis ...

Since 2021, Korean researchers have been providing a simple software development framework to users with relatively limited ...

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code ...

Since 2021, Korean researchers have been providing a simple software development framework to users with relatively limited ...

Bala Ramakrishna Alti is an enterprise infrastructure and security engineer specializing in Linux systems, cloud-native architecture, and automation-driven cybersecurity. His work focuses on designing ...

VS Code is one of the most popular open-source (mostly) applications out there, and for good reason: It does everything you ...

The new major version with a new JIT compiler, a revised parallelization API, and a maturing type system paves the way for ...

Struggling with MCP authentication? The November 2025 spec just changed everything. CIMD replaces DCR's complexity with a simple URL-based approach—no registration endpoints, no client ID sprawl, ...

A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions. In a campaign tracked by Koi, a threat actor published two malicious VS Code ...

In December 2025, the GlassWorm supply chain malware campaign emerged again, affecting both the Microsoft Visual Studio Marketplace and Open VSX platforms. This episode involved 24 extensions posing ...

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...