Sweden probes reported leak of e-government platform source code

Hackers claimed to have leaked the source code of the Swedish e-government services platform, creating widespread concerns of more incoming exploits through unpatched vulnerabilities.
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Tom's Hardware on MSN

Invisible malicious code attacks 151 GitHub repos and VS Code

The technique exploits Unicode Private Use Area characters, which render as zero-width whitespace in virtually every code editor and terminal.