WeLiveSecurity

MuddyWater: Snakes by the riverbank

MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook.

Valve sleuth says new datamine is "effectively direct confirmation" of Team Fortress 2 being ported to Source 2

A new datamine appears to confirm that a mysterious Valve project is directly related to TF2, sparking sequel and remaster ...
SecurityWeek

Vulnerability in OpenAI Coding Agent Could Facilitate Attacks on Developers

The Codex CLI vulnerability tracked as CVE-2025-61260 can be exploited for command execution. OpenAI recently patched a Codex ...

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
Developer Tech

OpenAI Codex CLI patch closes major supply chain vulnerability

A major supply chain vulnerability in the OpenAI Codex CLI has been patched after discovery by Check Point Research.