Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

How to Spot a ‘Sleeper’ Browser Extension That’s Actually Malware

Malicious extensions occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. Some of them only morph into malware after gaining ...

Google raises AI stakes as OpenAI struggles to stay on top

Google's new Gemini 3 model challenges OpenAI's dominance in the global artificial intelligence (AI) race. As rivals invest ...

JavaScript turns 30: From 10-day prototype to the backbone of the modern web

Thirty years ago, Netscape and Sun Microsystems introduced JavaScript as a new, cross-platform scripting language for ...
Security Boulevard

ShadyPanda Takes its Time to Weaponize Legitimate Extensions

ShadyPanda spent seven years uploading trusted Chrome and Edge extensions, later weaponizing them for tracking, hijacking, and remote code execution. Learn how the campaign unfolded.