SecurityWeek

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

For the past four months, over 130 malicious NPM packages deploying information stealers have been collectively downloaded ...
CSO Online

Typo hackers sneak cross-platform credential stealer into 10 npm packages

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
SecurityWeek

Open VSX Downplays Impact From GlassWorm Campaign

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense. The GlassWorm campaign that infected VS Code extensions in the Open VSX marketplace ...

Linux vendors are getting into Ubuntu – and Snap

Ubuntu Summit More than one Linux-adjacent vendor presented at the Ubuntu Summit, and a small but recurring theme is offering ...

Snap out of it: Canonical on Flatpak friction, Core Desktop, and the future of Ubuntu

Ubuntu Summit The Register FOSS desk sat down with Canonical's vice-president for engineering, Jon Seager, during Ubuntu Summit earlier this month. This is a heavily condensed version of our ...