GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...

Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...
Indiatimes

GitHub CEO Thomas Dohmke: There is no world where I would allow employees to say, 'Well, sorry, I don't want to use GitHub', if that is the case you can ...

GitHub CEO Thomas Dohmke mandated the use of the platform for all employees, emphasizing its integral role in the company culture. Under his leadership, GitHub experienced significant growth, ...
InfoWorld

GitHub launches Agent HQ to bring order to AI-powered coding

The platform unites AI coding agents in one environment to streamline enterprise workflows and enhance governance, security, ...

10 Key Takeaways From GitHub Octoverse 2025 Report

The timing of the Octoverse 2025 report release during the conference proved strategic, as it provided attendees with ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
CSO Online

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...
MUO on MSN

VSCode is the perfect writing app and you can't convince me otherwise

I'm not much of a programmer, but I do all of my writing using a tool traditionally used for programming. I actually spent years using Microsoft Word, the tool I, like many others, grew up using for ...

GitHub is launching a hub for multiple AI coding agents

GitHub is giving developers access to third-party AI coding agents with the launch of a new “Agent HQ.” Instead of just using ...
CSO Online

BlueNoroff reemerges with new campaigns for crypto theft and espionage

GhostCall and GhostHire use fake investor meetings and bogus recruiter tests to deliver cross-platform malware to blockchain ...
Microsoft

In Argentina’s financial sector, software developers are partnering with AI to boost innovation

On a Friday evening last April, just ahead of Easter, Argentina’s Central Bank stunned markets by announcing the end of nearly six years of strict currency controls, lifting restrictions on the ...