GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
TMCnet

ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code

New private repository secures the AI-driven development boom by grounding LLMs in a library of 79 million vetted, ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...