GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code

ActiveState, a global leader in trusted, managed open source software, today announced the launch of the ActiveState Curated Catalog. This new offering provides organizations with a private, secure ...