Two VSCode extensions are harvesting sensitive data and sending it to China.

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

These need to be uninstalled manually ...

Marking its 30th anniversary on Thursday, the world’s most popular programming language faces a bitter ongoing custody battle rather than a celebration. Creators and community leaders are stepping up ...

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...

(1: getPackageScopeConfig (node:internal/modules/package_json_reader:160:33), 1) (2: getPackageJSONURL (node:internal/modules/package_json_reader:237:25), 1) (3 ...

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero. Microsoft VSCode is a ...

Developers using Microsoft’s Visual Studio Code (VSCode) editor are being warned to delete, or at least stay away from, 10 newly published extensions which will trigger the installation of a ...

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The ...

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...