The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
XDA Developers on MSN

I automated file organization with one PowerShell script

This simple script tamed my Downloads folder.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

New 'Zombie ZIP' technique lets malware slip past security tools

A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) ...
XDA Developers on MSN

I replaced VS Code with this open-source editor and it's faster, lighter, and runs all my extensions

You also get to escape Microsoft telemetry tracking too.

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.
ExtremeTech

OpenAI Brings Codex AI Coding App to Windows

OpenAI's Codex coding app is available on Windows after a period of exclusivity to macOS. The app is a hub where developers can manage multiple AI agents within a single project, allowing them to ...