Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Security Boulevard

An Evolving GlassWorm Malware is Making the Rounds of Code Repositories

GlassWorm is evolving. Security researchers say the malware, which infiltrates code repositories with malicious extensions, can now deploy a RAT, is targeting MCP servers, and has a new way of moving ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...