VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Researchers have discovered a new malware campaign targeting AI developer tools. The attack uses sponsored links on Google to impersonate official installation instructions. Targets include popular AI ...

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally.

Interview With everyone from would-be developers to six-year-old kids jumping on the vibe coding bandwagon, it shouldn't be surprising that criminals like automated coding tools too.… "Everybody's ...

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems. Threat actors are exploiting a common developer habit — ...

Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.

Android users are currently at risk of a scarily advanced malware that reportedly uses Meta's advertising platforms (like Facebook and Instagram) to hunt for users' PINs, messages, and other sensitive ...

Global cybercrime costs are expected to grow by 15 percent per year over the next five years—with malware and ransomware driving a significant portion. Malware has been part of the cybersecurity story ...

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...