InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.
XDA Developers on MSN

I replaced VS Code with this open-source editor and it's faster, lighter, and runs all my extensions

You also get to escape Microsoft telemetry tracking too.
Bleeping Computer

Malicious Microsoft VSCode extensions steal passwords, open remote shells

Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times. According to Check Point, ...
Android Police

Firefox is giving Android users a sneak peek at its open extensions

Jay primarily writes news and deals posts for Android Police. Before joining AP, he spent the past several years yammering on about the crazy world of Android for various tech outlets. Besides ...
ExtremeTech

Google Brings Open Third-Party Extensions to Gemini CLI

Google has added a new feature called Gemini CLI Extensions to its command-line AI tool, Gemini CLI. This lets outside companies add their software directly into Gemini CLI. At launch, the extensions ...