Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
SecurityWeek

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

CISA warns of an old ‘OpenPLC ScadaBR’ flaw that was recently leveraged by hackers to deface what they believed to be an ICS.