Tag: marketplace
-
Nearly 20 million affected by Prosper, 700Credit data breaches
Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans. First seen on therecord.media Jump to article: therecord.media/data-breaches-affecting-20-million-prosper-700credit
-
Nearly 20 million affected by Prosper, 700Credit data breaches
Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans. First seen on therecord.media Jump to article: therecord.media/data-breaches-affecting-20-million-prosper-700credit
-
Russian Ring Using Ex-Immigrant Data to Fuel Fake ID Sales
Telegram-Based Market Is Exploiting Gaps in US Tracking of Departed Visa Holders. A Russian darknet marketplace is exploiting a major blind spot for U.S. financial institutions by trafficking in the identities of former legal immigrants. Telegram-based group Karma Fullz has built a profitable criminal enterprise with highly convincing synthetic identities. First seen on govinfosecurity.com Jump…
-
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the developer ecosystem by hiding malware within the dependency folders of otherwise functional extensions. The…
-
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the developer ecosystem by hiding malware within the dependency folders of otherwise functional extensions. The…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…
-
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take First seen on…
-
Malicious VSCode extensions on Microsoft’s registry drop infostealers
Two malicious extensions on Microsoft’s Visual Studio Code Marketplace infect developers’ machines with information-stealing malware that can take screenshots, steal credentials, and hijack browser sessions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-vscode-extensions-on-microsofts-registry-drop-infostealers/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shadypandas-years-long-browser-hack-infected-4-3-million-users/
-
Malicious VSCode Extension Deploys Anivia Loader and OctoRAT
In late November 2025, a sophisticated supply-chain attack leveraging the Visual Studio Code extension ecosystem came to light, demonstrating how threat actors are increasingly targeting developer tools to gain persistent access to high-value systems. On November 21, a malicious extension masquerading as the popular Prettier code formatter appeared briefly on the official VSCode Marketplace before…
-
‘ShadyPanda’ Hackers Weaponize Millions of Browsers
The China-based cyber-threat group has been quietly using malicious extensions on the Google Chrome and Microsoft Edge marketplaces to spy on millions of users. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/shadypanda-hackers-weaponize-browsers
-
Newly discovered malicious extensions could be lurking in enterprise browsers
Tags: attack, browser, chrome, data, detection, exploit, google, malicious, marketplace, microsoft, technology, tool, update, vulnerabilityShadyPanda played the long game, with extensions including the popular Clean Master utility with 200,000 installs distributed as completely legitimate tools early on, earning them positive user ratings and, in some cases, trust signals such as “Featured” or “Verified” badges in the Chrome Web Store and Microsoft Edge Add-ons store. No review after submission: This…
-
Newly discovered malicious extensions could be lurking in enterprise browsers
Tags: attack, browser, chrome, data, detection, exploit, google, malicious, marketplace, microsoft, technology, tool, update, vulnerabilityShadyPanda played the long game, with extensions including the popular Clean Master utility with 200,000 installs distributed as completely legitimate tools early on, earning them positive user ratings and, in some cases, trust signals such as “Featured” or “Verified” badges in the Chrome Web Store and Microsoft Edge Add-ons store. No review after submission: This…
-
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
The supply chain campaign known as GlassWorm has once again reared its head, infiltrating both Microsoft Visual Studio Marketplace and Open VSX with 24 extensions impersonating popular developer tools and frameworks like Flutter, React, Tailwind, Vim, and Vue.GlassWorm was first documented in October 2025, detailing its use of the Solana blockchain for command-and-control (C2) and…
-
GlassWorm Returns with 24 Malicious Extensions Impersonating Popular Developer Tools
The supply chain campaign known as GlassWorm has once again reared its head, infiltrating both Microsoft Visual Studio Marketplace and Open VSX with 24 extensions impersonating popular developer tools and frameworks like Flutter, React, Tailwind, Vim, and Vue.GlassWorm was first documented in October 2025, detailing its use of the Solana blockchain for command-and-control (C2) and…
-
ShadyPanda’s Seven-Year Campaign Infects 4.3M Chrome and Edge Users
Infected 4.3 million Chrome and Edge users via extensions; ShadyPanda exploited browser marketplaces First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/shadypanda-infects-43m-chrome-edge/
-
Glassworm Malware Targets OpenVSX and Microsoft Visual Studio with 24 New Malicious Packages
Security threats rarely adhere to holiday schedules, and while developers may take time off, malicious actors are working overtime. A significant new wave of software supply chain attacks has been identified targeting the Microsoft Visual Studio Marketplace and OpenVSX platforms. Researchers at Secure Annex have uncovered and tracked 24 new malicious packages linked to the…
-
4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign
Koi researchers have uncovered a seven-year browser extension operation that has silently compromised at least 4.3 million Chrome and Edge users worldwide. The threat actor, dubbed ShadyPanda, systematically abused browser marketplaces to turn seemingly legitimate extensions into long”‘term surveillance and remote access platforms. Koi’s investigation identified two ongoing campaigns linked to the same actor. A 300,000″‘user remote…
-
Glassworm Malware Targets OpenVSX and Microsoft Visual Studio with 24 New Malicious Packages
Security threats rarely adhere to holiday schedules, and while developers may take time off, malicious actors are working overtime. A significant new wave of software supply chain attacks has been identified targeting the Microsoft Visual Studio Marketplace and OpenVSX platforms. Researchers at Secure Annex have uncovered and tracked 24 new malicious packages linked to the…
-
Glassworm malware returns in third wave of malicious VS Code packages
The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/glassworm-malware-returns-in-third-wave-of-malicious-vs-code-packages/
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
VSCode Marketplace Hit by Rogue Prettier Extension Delivering Anivia Stealer
A recently discovered malicious Visual Studio Code (VSCode) extension masquerading as the well-known “Prettier” formatter briefly infiltrated the official VSCode Marketplace, delivering a variant of the Anivia Stealer malware in a targeted attack to steal sensitive login credentials and private data from developers’ systems. Thanks to the vigilance of the Checkmarx Zero research team specifically…
-
Morphisec warns StealC V2 malware spread through weaponized blender files
StealC V2 spread via malicious Blender files on 3D model sites like CGTrader, abusing Blender’s ability to run hidden Python scripts. Cybersecurity firm Morphisec reported that Russian threat actors are spreading StealC V2 infostealer via weaponized Blender files uploaded to 3D model marketplaces like CGTrader. The malware abuses Blender’s ability to run Python scripts for automation…
-
Morphisec warns StealC V2 malware spread through weaponized blender files
StealC V2 spread via malicious Blender files on 3D model sites like CGTrader, abusing Blender’s ability to run hidden Python scripts. Cybersecurity firm Morphisec reported that Russian threat actors are spreading StealC V2 infostealer via weaponized Blender files uploaded to 3D model marketplaces like CGTrader. The malware abuses Blender’s ability to run Python scripts for automation…
-
Malicious Blender model files deliver StealC infostealing malware
A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D model marketplaces like CGTrader. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-blender-model-files-deliver-stealc-infostealing-malware/