GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
Hacker

Microsoft’s AutoDev: The AI That Builds, Tests, and Fixes Code on Its Own

We’re on a mission to empower every person and every organization on the planet to achieve more. We’re on a mission to empower every person and every organization on the planet to achieve more.
IEEE

Evaluating Python Static Code Analysis Tools Using FAIR Principles

Abstract: The quality of modern software relies heavily on the effective use of static code analysis tools. To improve their usefulness, these tools should be evaluated using a framework that ...
GitHub

p-lyons/clif_cancer-codestat-academic-community

Among hospitalized adult patients admitted through the ED, does the association between active cancer and initial full code status differ between academic medical centers and community hospitals?
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...