Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which is believed to have compromised thousands of users by stealing credentials ...
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
Four SAP NPM packages compromised in the Mini Shai-Hulud supply chain attack trigger a Bun runtime to install an information ...
Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
New capability intercepts and blocks malicious code at the point of execution, closing the critical gap between vulnerability ...
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of ...
Bitwarden CLI 2026.4.0 was compromised via GitHub Actions in Checkmarx campaign, exposing secrets and distributing malicious ...
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. The two ...
In GitHub and GitHub Enterprise Server, attackers with push rights to repositories can inject malicious code. Updates fix ...
Attackers can target the Foxit PDF Reader and PDF Editor applications. Security patches are available for download.
Researchers from Sucuri found malicious code hiding in the mu-plugins directory The malware redirected visitors, served spam, and could even drop malware The sites were compromised through vulnerable ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results