Fake Solidity VSCode extension on Open VSX backdoors developers

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel ...

Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.
XDA Developers on MSN

I’m never going back to Microsoft Word after mastering this open-source self-hosted tool

For anyone serious about privacy and streamlining their digital toolkit, HedgeDoc is the clear winner. So what are you waiting for? Stop renting your word processor and start owning your workflow.
GitHub

Chromium Browser DoS Attack via document.title Exploitation

It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations ...