The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.
GitHub

react-native-community/javascriptcore

This library only supports React Native 0.79 and above with new architecture enabled.
Wall Street Journal

The Car Industry Is Racing to Replace Chinese Code

How Chinese is your car? Automakers are racing to work it out. Modern cars are packed with internet-connected widgets, many of them containing Chinese technology. Now, the car industry is scrambling ...
GitHub

NaviPartner AL Test Runner

VS Code AL Language extension PWSH 7.0 or higher Access to a Business Central environment BC25 and higher for native debugging experience (otherwise, debugging isn't possible) Authenticate against NST ...
The Australian Financial Review

‘War rooms, code reds’: Grindcore is the new hustle culture in tech

On November 28 last year, just a day after Thanksgiving, an engineer at xAI earned gushing praise from his colleagues online after posting a photograph of his Tesla Cybertruck with the caption: “Last ...
Infosecurity-magazine.com

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a single malicious spreadsheet formula. The issue was uncovered by Cyera ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...