OpenClaw AI: Extensions security issues expose risks of open-source AI agents

The post OpenClaw AI: Extensions Security Issues Expose Risks of Open-Source AI Agents appeared first on Android Headlines.
The Hacker News

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...

Dangerous new malware targets macOS devices via OpenVSX extensions

GlassWorm malware is expanding to open source platforms, targeting macOS users with infostealers.
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
Android Police

Firefox is giving Android users a sneak peek at its open extensions

Jay primarily writes news and deals posts for Android Police. Before joining AP, he spent the past several years yammering on about the crazy world of Android for various tech outlets. Besides ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
The Verge

Firefox’s Android app is getting proper support for extensions once again

The mobile browser currently supports a limited number of add-ons, but Mozilla hopes to launch an open ecosystem before the end of the year. The mobile browser currently supports a limited number of ...