InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
CoinDesk

IoTeX offers cross-bridge hackers 10% bounty if they return $4.4 million within 48 hours

A private key compromise drained millions from IoTeX’s ioTube bridge, with analysts disputing total losses and warning recovery via THORChain may prove difficult.