This week’s ThreatsDay covers supply chain attacks, fake help desks, wiper malware, AI prompt traps, RMM abuse, phishing kits ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

VS Code is no longer just an IDE.

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

A malicious version of Bitwarden's CLI password manager was briefly distributed via npm after attackers exploited a compromised GitHub Action, in a campaign linked to the Checkmarx supply chain attack ...

A malicious version of the Bitwarden command-line interface (CLI) password manager was briefly distributed via the Node ...

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

Compare the best DAST tools in 2026. Our buyer's guide covers 10 dynamic application security testing solutions, key features ...

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...

VS Code Extensions have transformed the code editor into a productivity powerhouse. GitHub Copilot enables AI-powered autocomplete, multi-line code generation, and context-aware suggestions, helping ...