The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

JavaScript build tool: Vite 8.0 speeds up with Rust-based bundler Rolldown

The new bundler Rolldown replaces esbuild and Rollup. With its Rust base, it enables significantly faster builds.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
CSO Online

PhantomRaven returns to npm with 88 bad packages

Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.
XDA Developers on MSN

I added a metadata vdev to my ZFS pool and everything got faster

A simple change to your ZFS setup can drastically improve everyday tasks like browsing directories and scanning media ...