Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
The Hacker News

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

Tomiris is using public-service C2 implants and new phishing chains to stealthily deploy multi-language malware across targeted government networks.

Malicious Blender model files deliver StealC infostealing malware

The code pulls a malware loader from a Cloudflare Workers domain which, in turn, pulls two ZIP archives. These deploy two payloads, including a StealC infostealer and an auxiliary Python stealer, ...
Cape Cod ChronicleOpinion

Letters To The Editor: Nov. 27, 2025

I am responding to the “Clarify Reason for Protest” letter in the Nov. 13 Chronicle, which asked what Trump and his ...
Amazon S3 on MSN

These files are secretly ZIP archives and how to find them

ThioJoe explains how some files are secretly ZIP archives and how to detect them. Legal analysts react to Trump’s plan to ...

Glassworm returns once again with a third round of VS code attacks

The Visual Studio Marketplace and the Open VSX Registry users are targeted once again with infostealing malware.
Twinfinite

All Roblox Haze Piece Codes (December 2025)

On the lookout for the latest Project New World codes for Roblox? We have the complete list of updated and working codes that players can use to claim free goodies in the game. Project New World is ...