Skip to content
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools

GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools

Dec 02, 2025Ravie LakshmananMalware / Blockchain The supply chain campaign known as GlassWorm has once again reared its head, infiltrating both Microsoft Visual Studio Marketplace and Open VSX with 24 extensions impersonating popular developer tools… 

Read More »GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Dec 02, 2025Ravie LakshmananAI Security / Software Supply Chain Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners. The package in question is eslint-plugin-unicorn-ts-2, which masquerades… 

Read More »Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks

Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks

Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented… 

Read More »Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks