Compare the Cloud

GitHub VSCode extension breach exposes developer toolchain as a primary attack surface

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...