Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.
GitHub

Drswith/vscode-json-string-code-editor

Choose from auto-detected languages Edit in a new tab with syntax highlighting Press Ctrl+S to save and sync back Note: Language detection is built into the extension and cannot be customized by users ...
The New York Times

Powerful Men Who Turn Up in the New Batch of Epstein Files

Elon Musk, Richard Branson and Sergey Brin were among those who exchanged messages or visited with Jeffrey Epstein, according to the newly released documents. By The New York Times The Department of ...
theregister

Claude Code's prying AIs read off-limits secret files

Don't you hate it when machines can't follow simple instructions? Anthropic's Claude Code can't take "ignore" for an answer and continues to read passwords and API keys, even when your secrets file is ...
GitHub

vite-plugin-generate-package-json

This plugin is useful for when you want to generate an SBOM or scan your project for vulnerable Open Source libraries but you don't want to include libraries which aren't included in your final ...