Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times. According to Check Point, ...
VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Two malicious VSCode Marketplace extensions were found deploying in-development ransomware, exposing critical gaps in Microsoft's review process. The extensions, named "ahban.shiba" and ...
Careless developers publishing Visual Studio extensions to two open marketplaces have been including access tokens and other secrets that can be exploited by threat actors, a security vendor has found ...
Researchers found 24 malicious extensions in Visual Studio Marketplace and Open VSX Registry deploying Lumma Stealer and other malware The attack targeted cryptocurrency holders and developers, with ...
Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” ...
Earlier today, we covered the incident of Microsoft Defender flagging the Winring0 driver inside PC monitoring and fan control apps as malicious. Although at first glance it may seem like an obvious ...
Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results