The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
TechCrunch

Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach

Fintech firm Marquis told customers that it plans to seek compensation from its firewall provider after blaming the company for a breach that allowed hackers to steal its customers’ personal and ...
Reuters

US Marshals probe possible government digital-asset hack, Bloomberg News reports

Jan 28 (Reuters) - The U.S. Marshals Service said it is investigating a possible hack of U.S. government digital-asset accounts, Bloomberg News ‌reported on Wednesday, citing an email from the agency.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Task & Purpose

A hacker posted a Marine vet’s health info online and bragged about it

A Tennessee man is facing prison time for hacking into a Department of Veterans Affairs health platform, accessing a Marine Corps veteran’s personal health information, and posting it on an Instagram ...
Hosted on MSN

Google issues urgent warning after 48M stolen Gmail logins leak in huge malware hack

Google is racing to contain the fallout after tens of millions of stolen Gmail logins were found circulating online, tied to what investigators describe as a massive malware operation rather than a ...