GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Visual Studio Magazine

Going Local (& a Bit Loco) with Open-Source AI in VS Code

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...
CSO Online

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
MarketWatch

Shell PLC

Shell PLC Annual cash flow by MarketWatch. View SHELL net cash flow, operating cash flow, operating expenses and cash dividends.
GitHub

Awesome Claude Code Mastery

🔧 anthropics/claude-code 73k+ Official Claude Code - agentic coding tool for your terminal 🔧 anthropics/claude-plugins-official 8.8k+ Official, Anthropic-managed directory of high quality Claude ...
GitHub

davila7/claude-code-templates

Ready-to-use configurations for Anthropic's Claude Code. A comprehensive collection of AI agents, custom commands, settings, hooks, external integrations (MCPs), and project templates to enhance your ...