Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

IT researchers have discovered 12 security vulnerabilities in the open-source encryption library OpenSSL, one of which is considered critical. Attackers can use it to inject malicious code, for ...

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of ...

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

Threat actors have used generative artificial intelligence (GenAI) to write malicious code in the wild to spread an open source remote access Trojan (RAT). It's one of the first observed examples of ...

Hackers are taking legitimate banking apps and decompiling them in order to add malicious code, then spreading them through common threat schemes like phishing lures and fake look-a-like websites.

Chrome, Firefox, and Edge users must remove the following browser extensions manually. They've been identified as malicious ...

The North Korean hacking group Kimsuky is using QR code phishing to target Americans with fake questionnaires and malicious ...

Malicious code, like that which forms the backbone of ransomware viruses plaguing hospitals of late, is not just fear-inducing for healthcare administrators. According to cybersecurity records from ...

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...