News

The Hacker News12h

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

VS Code flaw lets attackers reuse deleted extension names, enabling ransomware payload delivery and supply chain risks.
The Hacker News19h

Malicious Nx Packages in 's1ngularity' Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.
WinBuzzer21h

OpenAI Supercharges Codex AI Coding Agent With IDE Integration, GPT-5 Power, and GitHub Reviews

OpenAI has updated its Codex AI coding agent with a new VS Code extension, GPT-5 power, and automated GitHub pull request reviews for a unified developer experience.
Infosecurity Magazine17h

Malicious VS Code Extensions Exploit Name Reuse Loophole

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages ...