Attackers have compromised legitimate npm and Go package repositories to distribute malware that uses VS Code task automation to silently install Python-based information-stealing malware on developer machines. You should immediately audit your organizati
Attackers have compromised legitimate npm and Go package repositories to distribute malware that uses VS Code task automation to silently install Python-based information-stealing malware on developer machines. You should immediately audit your organizati
Read the full article: https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html
Run a free 10-point security scan on your site — headers, SSL, DNS, and more. Results in 15 seconds.
Test Your Site Now — It's Free