Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...

‘Pixnapping’ Android attack could expose crypto wallet seed phrases

A newly discovered Android bug enables rogue apps to infer and rebuild on-screen visuals, potentially exposing private ...

On-Chain Cultural Assets: Decoding City Protocol’s IP Capital Market

City Protocol is developing a decentralized protocol designed to establish capital market infrastructure for intellectual ...
The Hacker News

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...