The GlassWorm campaign has resurfaced within the developer community, though the adversaries have adopted a more surreptitious operational profile. Rather than disseminating overtly malicious extensions via OpenVSX, they initially publish innocuous facsimiles of popular...
The clandestine update of an antiquated Visual Studio Code extension has precipitously metamorphosed into a targeted siege upon blockchain architects. A triad of IoliteLabs extensions, engineered for Solidity, were abruptly infected with venomous architecture,...
Developers are being besieged en masse with terrifying claims of “critical vulnerabilities” directly within the hallowed halls of GitHub, yet a profoundly different motive lurks beneath these alarming admonitions. According to a dispatch from...
Popular IDEs with AI assistants—such as Cursor, Windsurf, Google Antigravity, and Trae—have been found vulnerable to a supply-chain attack. These environments prompt users to install extensions that are absent from the OpenVSX catalog. The...
A new wave of malicious extensions has been uncovered in the Open VSX extension marketplace, which is used by millions of developers worldwide. Researchers at Koi Security warn that attackers are seeding the catalog...
At the end of November, a team of bug hunters uncovered an infection chain that began with a seemingly harmless GitHub repository. Masquerading as a Visual Studio Code project, it concealed VBScript files linked...
The Glassworm campaign targeting popular Visual Studio Code extensions has entered yet another phase — researchers are now documenting a third wave of malicious uploads to the OpenVSX repository and the Microsoft Visual Studio...
Hackers have unleashed a new self-propagating malware dubbed GlassWorm, which first infiltrated the Visual Studio Code extension ecosystem via the OpenVSX marketplace. Researchers at Koi Security found that the worm conceals malicious code using...
The hacker collective WhiteCobra has launched a large-scale campaign targeting users of popular code editors including VS Code, Cursor, and Windsurf. Researchers at Koi Security uncovered 24 malicious extensions hosted on official repositories such...
Experts at ReversingLabs have uncovered a critical loophole in the VS Code Marketplace. The platform allows new extensions to be published under the same names previously used by other packages, provided those packages were...