SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
CSO Online

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
LinuxInsider

Open-Source Security Tool AdaptixC2 Fueling Ransomware Attacks

Ransomware gangs are exploiting AdaptixC2, an open-source command-and-control framework originally built for red team testing, to support stealthy post-exploitation operations.