CSO Online

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain ...
The Register on MSN

Microsoft drops surprise Windows Server patch before weekend downtime

You didn't have plans, did you? Microsoft has released an out-of-band update to patch a critical vulnerability in Windows ...

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with ...
InfoWorld

Serious vulnerability found in Rust library

Researchers at Edera say they have uncovered a critical boundary-parsing bug, dubbed TARmageddon ( CVE-2025-62518 ), in the popular async-tar Rust library. And not only is it in this library, but also ...
The Hacker News

North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality ...
The Hacker News

ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More

Cybercrime crackdowns, AI security flaws, and major breaches — from $176M fines to Starlink, F1, and Google’s new threat ...