Public meeting tonight to discuss 18th and Vine extension study findings

A public meeting will be held to discuss the 18th and Vine extension study findings.
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...

New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
GitHub

kazcfz/Copy-n-Paste

Copy-n-Paste: Clipboard Upload Simplified is a lightweight extension for Chromium and Firefox to simplify uploading copied screenshots, images, files from your clipboard. No need to save as files.
GitHub

Unity Standalone File Browser

Fork from https://github.com/gkngkc/UnityStandaloneFileBrowser to provide WebGL support. A simple wrapper for native file dialogs on Windows/Mac/Linux. Add the script ...
Bleeping Computer

Malicious GhostPoster browser extensions found with 840,000 installs

Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge stores, where they accumulated a total of 840,000 installations. The ...
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are ...