#vs-code-extensions tag

1 week ago

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Two VS Code extensions steal every opened file and every code edit, exfiltrating developer data to China-based servers while functioning as AI coding assistants.

2 weeks ago

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

The executable, for its part, decrypts and injects the main stealer payload into a legitimate Windows process ("grpconv.exe") directly in memory, allowing it to harvest sensitive data and exfiltrate it to a remote server ("server09.mentality[.]cloud") over FTP in the form of a ZIP file. Some of the information collected by the malware includes - Clipboard content Installed apps Cryptocurrency wallets Running processes Desktop screenshots

Information security

#glassworm

fromInfoWorld

Information security

How GlassWorm wormed its way back into developers' code - and what it says about open source security

Information security

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

fromTechzine Global

Information security

Invisible malware spreads via VS Code extensions

fromInfoWorld

Information security

How GlassWorm wormed its way back into developers' code - and what it says about open source security

Information security

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

fromTechzine Global

Information security

Invisible malware spreads via VS Code extensions

Self-propagating worm found in marketplaces for Visual Studio Code extensions

GlassWorm infects VS Code and OpenVSX extensions, harvesting developer credentials, deploying proxies and backdoors, draining crypto wallets, and spreading rapidly.

Information security

fromTheregister

Devs of VS Code extensions are leaking secrets en masse

VS Code extensions frequently expose sensitive secrets, enabling potential large-scale supply chain attacks.