The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

After installing the Java extensions in VS Code, the Run/Debug option does not work and the following error appears: The version of required extension "Language ...

Security researchers revealed two malicious VS Code extensions exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million developers to servers in China while masquerading as AI ...

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...

The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...

With "vibe coding" taking over software development with AI-driven programming and other advanced functionality, you would think the Visual Studio Code Marketplace would be flooded with new extensions ...

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero. Microsoft VSCode is a ...