InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
Chapelboro

What’s Trending: The Unicode Consortium

Trending today: new emojis from the Unicode Consortium, a nonprofit that's tasked with standardizing emojis across all ...
The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...
Hosted on MSN

Booking.com customers learn the hard way that Unicode is tricky

It's easy to mistake an "l" for a "1" or an "I" with a poorly designed typeface. (Ahem.) Fortunately, modern fonts tend to use a variety of techniques to disambiguate those easily confused ...
Techzine Europe

Invisible malware spread via VS Code extensions

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...

BiDi Swap: The bidirectional text trick that makes fake URLs look real

Attackers are abusing bidirectional text to make fake URLs look real, reviving a decade-old browser flaw now fueling new phishing tricks. Varonis reveals how the "BiDi Swap" technique works and what ...