The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
Microsoft

Detecting backdoored language models at scale

Learn how Microsoft research uncovers backdoor risks in language models and introduces a practical scanner to detect ...
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace Trust model as the primary safeguard against repo-based malware -- while ...