Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and ...

Claude code will send your data to crims ... if they ask it nicely

"The exploit hijacks Claude and follows the adversaries instructions to grab private data, write it to the sandbox, and then calls the Anthropic File API to upload the file to the attacker's account ...
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...
AARP

Medicare Works to Fix Tech Glitches in New Plan Finder Tool

As open enrollment begins, health officials are working to address technical issues in the Medicare Plan Finder ...

House Plant Shop in California finds its second bloom on Temu

"Online marketplaces were getting more crowded, and it was hard for smaller sellers to compete." That changed in December ...
The Hacker News

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

Cybersecurity, Cyber Espionage, Malware, PlugX, Data Breach, Vulnerability, Phishing, European Union, Threat Intelligence ...
The Caledonian-Record

OTR Solutions Launches Truly Instant Funding — The Future of Fintech in Logistics

Powered by OTRintelligence, Truly Instant Funding removes every barrier between carriers and their cashflow. Anytime, anywhere. -- ...

Furloughed federal workers face delays getting unemployment pay during shutdown

Thousands of furloughed federal workers are trying to navigate the unemployment system, in a sharp increase that is still a fraction of the 670,000 furloughed during the shutdown. About 26,000 ...

DPRK Hackers Use 'EtherHiding' to Host Malware on Ethereum, BNB Blockchains: Google

Google’s Threat Intelligence Group has linked North Korean hackers to EtherHiding, blockchain malware previously used by ...
InfoWorld

Threat actors are spreading malicious extensions via VS marketplaces

There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to anticipate these risks. However, he added, Microsoft’s marketplace has seen ...

Georgia’s tech surge: how IT services are driving a new era of growth

Georgia’s rapid IT sector growth is transforming its economy, supported by government policies, a skilled workforce, and a thriving startup ecosystem ...

From Job Offers to Crypto Theft: Latest North Korean Hacker Campaigns Exposed

The North Korean threat actor behind the Contagious Interview campaign has started combining features from two of its malware ...