JavaScript runtime developed with AI: Edge.js for secure Node.js applications

Securely execute Node.js workloads in WebAssembly sandboxes – that is the goal of the new JavaScript runtime Edge.js.
The Hacker News

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

Valentić told The Hacker News that the use of fake progress indicators mimicking legitimate installation progress and the ...
Security Boulevard

GlassWorm attack installs fake browser extension for surveillance

It hides inside developer tools, then monitors activity and steals data, turning a single infection into a wider risk across ...
Infosecurity Magazine

EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts

A new EtherRAT malware campaign using Ethereum smart contracts to hide command-and-control (C2) infrastructure has been ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...

GhostClaw: Infostealer for macOS on GitHub

For a few weeks now, malware that also leverages the OpenClaw hype has been circulating on the developer platform GitHub.

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...