OpenClaw’s AI ‘skill’ extensions are a security nightmare

Security researchers found hundreds of malicious add-ons on ClawHub.
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

Chrome Add-On Caught Stealing Amazon Commissions

A Chrome extension posing as an Amazon ad blocker was caught hijacking affiliate links in the background, redirecting ...

Half of Chrome's AI extensions are harvesting your data - see the surprising worst offenders

Coding, transcription, and other productivity tools proved the most invasive, though several other categories are worth watching as well.