Bleeping Computer

Malicious VSCode extensions with millions of installs discovered

A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme ...
Infosecurity-magazine.com

New Attacks Exploit VSCode Extensions and npm Packages

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns ...
Neowin

Senior Microsoft exec admits mistakenly removing VSCode extensions used by "millions"

Earlier today, we covered the incident of Microsoft Defender flagging the Winring0 driver inside PC monitoring and fan control apps as malicious. Although at first glance it may seem like an obvious ...
CSOonline

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...