GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
How-To Geek on MSN

Visual Studio Code's latest update is a big deal for web development

You won't have to switch to a browser as often.
Visual Studio Magazine

Hands On with VS Code 1.112's New Image Analysis for Agents

VS Code 1.112 adds native image support for agents, and I used it on three Microsoft AI Foundry leaderboard screenshots to see whether it could turn chart-heavy visuals into a useful developer summary ...

Popular Chrome extension "Save Image as Type" was hijacked, impacting over 1 million users

Google delisted the image conversion tool earlier this month, but not before it had likely been modifying thousands of users' ...

ChatGPT might soon evolve into superapp with Atlas browser and Codex built-in

OpenAI's rumored superapp plans could merge ChatGPT, Codex, and its Atlas browser into a single platform, simplifying how users interact with AI tools.