GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Infosecurity Magazine

Security Flaw in AWS Bedrock Code Interpreter Raises Alarms

A method for exfiltrating sensitive data from AI-powered code execution environments using domain name system (DNS) queries has been demonstrated by security researchers, highlighting potential risks ...