GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
GitHub

Earth & Home - Real Estate Platform

# PocketBase Configuration NEXT_PUBLIC_POCKETBASE_API_URL=http://127.0.0.1:8090 # Add other required environment variables ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish ...
Science Daily

Scientists find cancer-linked chemicals in popular hair extensions

A sweeping new study has uncovered a troubling mix of hazardous chemicals in popular hair extensions, including products made from human hair. Researchers detected dozens of substances linked to ...
GitHub

A Chrome extension that archives any authenticated website as self-contained HTML files. Each page is saved with fully inlined CSS, fonts, images, and JavaScript — so the ...

Most web archivers require you to log in separately or can't access pages behind authentication. This extension runs inside your existing Chrome session, so it can ...