SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Moltbot is now OpenClaw - but watch out, malicious 'skills' are still trying to trick victims into spreading malware

OpenClaw, formerly Clawdbot and Moltbot, faces malware attacks as fake skills and extensions exploit trust in local AI tools.

Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files

Many have run out of disk space entirely ...
Tom's Hardware on MSN

Malicious OpenClaw ‘skill’ targets crypto users on ClawHub — 14 malicious skills were uploaded to ClawHub last month

Security researchers are warning that the growing ecosystem around ‘OpenClaw,’ the self-hosted AI assistant formerly known as ...
GamingOnLinux

Sphinx and the Cursed Mummy remaster gets a big upgrade

The Sphinx and the Cursed Mummy remaster from 2017 (originally released in 2003) has seen a big upgrade arrive for the ...
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...