The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Google is pushing an emergency patch for a zero-day vulnerability that has been exploited in the wild, and a second zero-day has been identified and is expected to be fixed in a future update.

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day ...

VS Code 1.111 Autopilot is not just a no-prompts mode. In testing, it handled a blocking question that still stopped Bypass.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

Microsoft's February 2026 Foundry update includes broader platform changes, but the most immediate developer-facing news for VS Code users is an AI Toolkit refresh centered on tool discovery, agent ...

OpenAI has launched its Codex app on Windows, bringing a native AI coding assistant with project management, automations, and WSL support for developers. The post If you’re into AI coding, OpenAI just ...

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions ...

OpenAI has now released the Codex software for Windows devices, after the release of a dedicated Codex program for macOS ...

OpenAI today released the Codex app for Windows, powered by OpenAI’s frontier coding models, and it’s now the only coding agent with a first-class Windows experience.