GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
GitHub

socket.io-json-parser

An alternative to the default socket.io-parser, encoding and decoding packets with JSON.parse / stringify. With that parser, binary data (ArrayBuffer / Buffer / Blob / File) is not supported. Please ...
GitHub

A native macOS browser for AI agents.

Browser automation tools like Puppeteer, Playwright, and Selenium weren't designed with AI agents in mind. They ship a full Chrome, communicate over HTTP/CDP, and hand you the entire DOM when all your ...