GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain risks.

Oracle releases Java26, with new Java Verified Portfolio

At the JavaOne conference today, Oracle made a series of announcements related to a new Java Verified Portfolio (JVP) and new JDK Enhancement Proposals (JEPs).