CSO Online

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain ...

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, ...

CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft

A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend ...

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual ...

This new Android exploit can steal everything on your screen - even 2FA codes

Pixnapping was performed on five devices running Android versions 13 to 16: the Google Pixel 6, Google Pixel 7, Google Pixel 8, Google Pixel 9, and Samsung Galaxy S25. However, it is possible that ...