Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

Vite team boasts 10-30x faster builds with Rust-powered Rolldown

Native code build tools now dominate for TypeScript or JavaScript projects Vite 8.0 has been released, and it uses Rust-built ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
Gadget Review on MSN

Out of 500+ tools, 13 no-code AI tools will make you $1M

No-code AI tools can generate $1M revenue streams by automating workflows and building apps without expensive developers or ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that evade standard code review.