GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
The Hacker News

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

GhostPoster malware hid inside 17 Firefox add-ons, abusing logo files to hijack links, inject tracking code, and run ad fraud ...

'GhostPoster' malware is designed to hijack your Firefox browser — how to stay safe

A newly discovered malware infected multiple Firefox browser add-ons with more than 50,000 downloads combined.

Firefox security warning - multiple browser addons found to be riddled with malware, so be ...

More than a dozen Firefox extensions were found to be malicious, planting backdoors and keeping track of user browsing habits ...
Cybernews

Code that works can also be malware: this WhatsApp API is stealing messages

A malicious npm WhatsApp library with 56,000 downloads secretly stole messages, credentials, and contacts in a sophisticated ...
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...

MiniMax releases M2.1 AI model for multi-language programming versatility

MiniMax M2 was released in late October this year. The company stated that M2.1 demonstrated significant improvements in ...
Visual Studio Magazine

VS Code 1.107 (November 2025 Update) Expands Multi-Agent Orchestration, Model Management

Microsoft's November 2025 Visual Studio Code update (version 1.107) advances multi-agent orchestration for GitHub Copilot and ...
Cybernews

Vincent AI phishing vulnerability targets law firms to steal vLex logins, sensitive docs

VLex's Vincent AI assistant, used by thousands of law firms worldwide, is vulnerable to AI phishing attacks that can steal ...