Live wallpaper extensions may look like a harmless way to refresh a browser’s appearance, but researchers recently uncovered 152 potentially dangerous extensions lurking in the Chrome Web Store. Disguised as live wallpapers, these add-ons...
The recent subjugation of a ubiquitous Python library dedicated to communications has starkly illuminated the profound fragility inherent within the open-source supply chain. Venomous architecture was surreptitiously woven into the official Telnyx Python SDK—a...
The GlassWorm malware crusade has once again recalibrated its stratagems, mutating into a demonstrably more perilous threat. Within a mere span of days, the bombardment—orchestrated via extensions for the Open VSX developmental ecosystem—metamorphosed from...
Security analysts at Socket have unmasked a surgical supply chain incursion targeting the libraries associated with the dYdX cryptocurrency exchange. Malicious iterations of client packages manifested simultaneously within the npm and PyPI repositories following...
A sophisticated supply chain incursion has been documented within the Open VSX extension registry, precipitated by the illicit seizure of a developer’s credentials. Adversaries surreptitiously integrated malicious payloads into widely utilized development tools to...
