The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...
ZDNet

Microsoft to developers: Now VS Code gets this new Edge tools extension

Microsoft has announced general availability of its new Microsoft Edge Tools for VS Code extension, which lets developers embed Edge's browser developer tools into Microsoft's popular cross-platform ...
Cybernews

New malware on Microsoft Marketplace steals passwords and screenshots of desktops

Malicious Visual Studio Code extensions disguised as dark themes and AI assistants infect developers with infostealing ...
TechRadar

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

Malicious VS Code extension ‘susvsex’ acted as ransomware and used GitHub for command control Extension appeared AI-generated, with embedded decryption keys and suspicious metadata Microsoft removed ...