InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

Monsta FTP: Critical Vulnerability Allows Attackers to Execute Malicious Code

In Monsta FTP, a web-based FTP client, attackers can inject and execute malicious code through a vulnerability.
Ars Technica

Viewing website HTML code is not illegal or “hacking,” prof. tells Missouri gov.

The cybersecurity professor who helped uncover the Missouri government’s failure to protect teachers’ Social Security numbers has demanded that the state cease its investigation into him and stop ...