Malicious pull request infects VS Code extension
ETHcode, a VS Code extension for Ethereum smart contract development, was compromised following a GitHub pull request.
Read More about Malicious pull request infects VS Code extensionPetar Kirhmajer
Threat Researcher, ReversingLabs.
Posts from Petar Kirhmajer
Malicious pull request infects VS Code extension
Suspicious NuGet package grabs data from industrial systems
Here's what the RL research team knows about the suspicious SqzrFramework480 campaign, which is still available on the NuGet repository.
Read More about Suspicious NuGet package grabs data from industrial systems
Attackers leverage PyPI to sideload malicious DLLs
RL discovered two malicious packages and a subsequent larger campaign, showing that the approach is an emerging software supply chain attack method.
Read More about Attackers leverage PyPI to sideload malicious DLLs