The Hacker News

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
Android Police

Pixnapping attack can steal 2FA codes from Android devices using onscreen pixels

Chris has reported for various tech and consumer goods outlets over the past decade, including Android Police and MakeUseOf since early 2022. Previously, he has contributed to outlets such as ...
Hosted on MSN

Pixnapping attack can steal 2FA codes from Android devices using onscreen pixels

Google reached out with clarification. As told to Android Police by a Google spokesperson: "We issued a patch for CVE-2025-48561 in the September Android security bulletin, which partially mitigates ...
Wired

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, and other private data in less than 30 seconds. The new attack, named ...
IEEE

ASDroid: Resisting Evolving Android Malware With API Clusters Derived From Source Code

Abstract: Machine learning-based Android malware detection has consistently demonstrated superior results. However, with the continual evolution of the Android framework, the efficacy of the deployed ...