We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar ...

How can an extension change hands with no oversight?

This simple script tamed my Downloads folder.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

A new VS Code extension called Nogic visualizes codebases as interactive graphs and drew strong interest on Hacker News. Commenters praised the concept for understanding large or unfamiliar codebases, ...

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual ...

On the next episode of AppStories, Federico and I will wrap up our discussion of what we built over the holidays. With the “what” out of the way, we’re planning on talking about the “how” and the ...