Bleeping Computer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...
Dark Reading

LLM Hijackers Quickly Incorporate DeepSeek API Keys

Sophisticated "LLMjacking" operations have obtained stolen access to DeepSeek models, just weeks after their public release. Most recently, researchers from Sysdig observed hyperactive LLMjacking ...