#vs-code-extensions

[ follow ]
#glassworm #supply-chain-security #malware #supply-chain-attack #supply-chain-malware #vulnerabilities
fromThe Hacker News
9 hours ago

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

CVE-2025-65717 (CVSS score: 9.1) - A vulnerability in Live Server that allows attackers to exfiltrate local files, tricking a developer into visiting a malicious website when the extension is running, causing JavaScript embedded in the page to crawl and extract files from the local development HTTP server that runs at localhost:5500, and transmit them to a domain under their control. (Remains unpatched)
Information security
Information security
fromTechzine Global
12 hours ago

Vulnerable VS Code extensions affect tens of millions of developers

Three vulnerabilities in popular VS Code extensions enable lateral movement and OS-level compromise, risking sensitive local credentials, data, and entire development environments.
Information security
fromThe Hacker News
2 weeks ago

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

The Eclipse Foundation will require pre-publish security checks on Open VSX Registry VS Code extensions to proactively prevent malicious or compromised extensions.
Information security
fromThe Hacker News
3 weeks ago

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Two VS Code extensions steal every opened file and every code edit, exfiltrating developer data to China-based servers while functioning as AI coding assistants.
fromThe Hacker News
4 weeks ago

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

The executable, for its part, decrypts and injects the main stealer payload into a legitimate Windows process ("grpconv.exe") directly in memory, allowing it to harvest sensitive data and exfiltrate it to a remote server ("server09.mentality[.]cloud") over FTP in the form of a ZIP file. Some of the information collected by the malware includes - Clipboard content Installed apps Cryptocurrency wallets Running processes Desktop screenshots
Information security
#glassworm
fromInfoWorld
3 months ago
Information security

How GlassWorm wormed its way back into developers' code - and what it says about open source security

fromInfoWorld
3 months ago
Information security

How GlassWorm wormed its way back into developers' code - and what it says about open source security

more#glassworm
Information security
fromInfoWorld
3 months ago

Self-propagating worm found in marketplaces for Visual Studio Code extensions

GlassWorm infects VS Code and OpenVSX extensions, harvesting developer credentials, deploying proxies and backdoors, draining crypto wallets, and spreading rapidly.
fromThe Hacker News
4 months ago

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

"A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base," Wiz security researcher Rami McCarthy said in a report shared with The Hacker News. "An attacker who discovered this issue would have been able to directly distribute malware to the cumulative 150,000 install base."
Information security
[ Load more ]