Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The Hacker News

Self-Spreading 'GlassWorm' Infects VS Code Extensions in Widespread Supply Chain Attack

GlassWorm spread via 14 VS Code extensions; Solana + Google Calendar C2; stole credentials, drained 49 wallets.

Web Development: Vite+ Planned as a Unified JavaScript Toolchain

As part of ViteConf, the Vite development team announced the new Vite+ project—a command-line developer tool as a drop-in upgrade for Vite with additional features. Evan You, developer of the ...
GitHub

Inaccurate page count and credit usage in parse API response

I'm seeing wildly inaccurate page count and credit usage fields in the job result response metadata. For example, for a new parse job with a PDF that has exactly 15 ...