Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

OpenClaw AI: Extensions Security Issues Expose Risks of Open-Source AI Agents

The post OpenClaw AI: Extensions Security Issues Expose Risks of Open-Source AI Agents appeared first on Android Headlines.
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...
Technobezz on MSN

GlassWorm malware hits macOS via compromised VS Code extensions

Malware targets macOS developers via compromised VS Code extensions, stealing credentials and crypto data via ...