The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
GitHub

An unofficial VS Code extension that enables Biome formatting in monorepo environments.

This plugin discovers projects based on package.json files across VSCode workspaces. Before using it, add @biomejs/biome as a dependency in your project's package.json and install the package using ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish ...
GitHub

A Chrome extension that archives any authenticated website as self-contained HTML files. Each page is saved with fully inlined CSS, fonts, images, and JavaScript — so the ...

Most web archivers require you to log in separately or can't access pages behind authentication. This extension runs inside your existing Chrome session, so it can ...
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

With more than 37 million combined downloads, the extensions expose users to tracking and personal information theft. Security researchers have discovered more than 300 Chrome extensions that leak ...