VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Microsoft's text editor 'Visual Studio Code (VSCode)' allows you to add functions and customize the appearance by introducing extensions. Security researchers released 'fake extensions that insert ...
Visual Studio Code (VSCode) allows you to use extensions to make development more convenient. It has been reported that an extension that distributes ransomware has been published on the Visual Studio ...
Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” ...
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Earlier today, we covered the incident of Microsoft Defender flagging the Winring0 driver inside PC monitoring and fan control apps as malicious. Although at first glance it may seem like an obvious ...
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results