GitHub

DataDog/guarddog: GuardDog is a CLI tool to Identify malicious PyPI packages

GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages, Go modules, GitHub actions, or VSCode extensions. It runs a set of heuristics on the package source code (through ...

MESCIUS USA Releases ComponentOne 2025 v2

MESCIUS USA, Inc., a global provider of award-winning enterprise software development tools, is pleased to announce the ComponentOne 2025 v2 release. The highlights of the year's last major release ...
How-To Geek on MSN

Plex server changes, the new Visual Studio Code, and more: News roundup

Visual Studio Code and other lightweight editors might be the most popular choices for Python programming, but JetBrains ...
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code ...
GitHub

Apx (/à·peks/) is the default package manager in Vanilla OS. It is a wrapper around multiple package managers to install packages and run commands inside a managed container.

Special thanks to distrobox for making this possible.
Bleeping Computer

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to Socket, these packages ...