InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
PC Magazine

The Best Authenticator Apps for 2026

Authenticator apps are a multi-factor authentication (MFA) method for encrypting your online login credentials. Stay protected with the top MFA apps we've tested. I review privacy tools like hardware ...