Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
A GitHub employee installed a routine VS Code extension update on the morning of May 18, 2026. That single action handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of ...
Legitimate Microsoft .NET and Visual Studio processes, including dfsvc.exe and vshost.exe, helped malicious code blend into ordinary Windows activity. One intrusion chain paired a legitimate Sogou ...
While Microsoft’s plans to fix Windows 11 involve making the experience better for regular users, the company also highlighted improvements for one of the most important parts of its developer ...
There's a lot of buzz around OpenClaw lately, so I had to check it out in my favorite editor, VS Code. Turns out this is a nascent space, not much being done with the new it agentic AI tool and the ...
Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace checks and silently installing malware onto developers’ systems. Threat ...
Microsoft Defender Experts has observed the Contagious Interview campaign, a sophisticated social engineering operation active since at least December 2022. Microsoft continues to detect activity ...
In Vernor Vinge’s science fiction novel A Deepness in the Sky, one of the characters works as a software archaeologist, mining thousands of years of code and libraries to find the solutions to ...
Microsoft’s new winapp CLI simplifies Windows app development with one-command setup, faster testing, and easier packaging. Microsoft is trying to make Windows app development feel a lot less painful.