VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, ...
GitHub

CodeSonar Extension for Visual Studio Code

This extension from CodeSecure provides access to static code analysis results from a CodeSonar hub inside Visual Studio Code. You will also need access to a CodeSonar hub running CodeSonar 7.1p0 or ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...
GitHub

material-extensions/vscode-material-product-icons

The product icons can be activated via command palette: ...
cybernews

New malware on Microsoft Marketplace steals passwords and screenshots of desktops

Some developers thought they were installing a dark theme and an AI assistant on their VS Code. However, it turned out to be malware that stole their data. Researchers at Koi, a cybersecurity firm, ...
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware. The VS Code ...