In March, JFrog Security Research documented a malware campaign titled GhostClaw/GhostLoader. Since the original documentation of this campaign, Jamf Threat Labs examined multiple GitHub repositories ...

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine install habits make running malware feel completely normal.

The GlassWorm malware made news when it pivoted from exclusively targeting Windows users to also targeting Mac OS users in January, and in the time since, the malware campaign has spread across at ...

New private repository secures the AI-driven development boom by grounding LLMs in a library of 79 million vetted, rebuilt-from-source components VANCOUVER, BC, March 17, 2026 /PRNewswire/ -- ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Microsoft's new Azure Skills Plugin bundles curated Azure skills, the Azure MCP Server, and the Foundry MCP Server into a single install that gives AI coding agents both the expertise and execution ...

GitHub reported a major service outage Sunday that disrupted Git Operations, its API, and multiple other core services used by millions of developers worldwide. The incident halted key development ...