Security researchers have discovered two previously undocumented malware strains targeting Linux-based network devices, confirming that financially motivated actors are now exploiting the same vulnerabilities once associated with nation-state espionage, reports Cyber Security News.
The ForceMemo attack begins with the GlassWorm malware compromising developer systems, often through malicious VS Code and Cursor extensions, to steal secrets like GitHub tokens.
Security Affairs reports that organizations across Ukraine have been targeted with Russia-linked attacks spreading the novel DRILLAPP spyware as part of a cyberespionage campaign that also exploited Microsoft Edge debugging for stealth since February.
Dozens of malicious Open VSX extensions and over 150 compromised GitHub repositories have been used as part of the intensified GlassWorm supply chain attack campaign, reports The Hacker News.