Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

How to Spot a ‘Sleeper’ Browser Extension That’s Actually Malware

Malicious extensions occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. Some of them only morph into malware after gaining ...

Google raises AI stakes as OpenAI struggles to stay on top

Google's new Gemini 3 model challenges OpenAI's dominance in the global artificial intelligence (AI) race. As rivals invest ...
Security Boulevard

ShadyPanda Takes its Time to Weaponize Legitimate Extensions

ShadyPanda spent seven years uploading trusted Chrome and Edge extensions, later weaponizing them for tracking, hijacking, and remote code execution. Learn how the campaign unfolded.

Claude Code made an astonishing $1B in 6 months - and my own AI-coded iPhone app shows why

My complex app, built entirely through agentic coding, reveals the true force multiplier transforming how developers create products at astonishing speed.
Security Boulevard

ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users

A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, ...

Over 4 million users hit with spyware that can turn your browser extensions into malware — how to stay safe

A long running malware operation that has evolved over several years has been turning browser extensions in Chrome and Edge ...
Dark Reading

'ShadyPanda' Hackers Weaponize Millions of Browsers

The China-based cyber-threat group has been using malicious extensions on the Google Chrome and Microsoft Edge marketplaces ...