GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

New “vibe coded” AI translation tool splits the video game preservation community

Since Andrej Karpathy coined the term “vibe coding” just over a year ago, we’ve seen a rapid increase in both the ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
WinBuzzer

Anthropic Unlocks 1M-Token Context Window for all Max, Team, and Enterprise Users

Anthropic has made its 1M-token context window generally available for Claude Opus 4.6 and Sonnet 4.6 at standard pricing, removing the long-context premium.

Microsoft is working to eliminate PC gaming’s “compiling shaders” wait times

Microsoft first rolled out Advanced Shader Delivery in its SDK last September and added support to the ROG Xbox Ally as a ...