The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...

Further instances of the malware, which steals credentials and cryptocurrency, have appeared on Open VSX and aim to establish ...

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel ...

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense. The GlassWorm campaign that infected VS Code extensions in the Open VSX marketplace ...

The Eclipse Foundation has resolved the security incident at Open VSX and is introducing new measures to protect developer accounts.

Amazon Web Services has committed funding to the Eclipse Foundation to enhance the performance, reliability, and security of its open source infrastructure.

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...

Keeper's zero-trust and zero-knowledge extension gives developers the power to code securely without leaving their workflow CHICAGO, /PRNewswire/ -- Keeper Security, the leading provider of zero-trust ...