Visual Studio Magazine

Threat Actors Keep Weaponizing VS Code Extensions

Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident ...
Bleeping Computer

VSCode Marketplace can be abused to host malicious extensions

Researchers have found it surprisingly easy to upload malicious Visual Studio Code extensions to the VSCode Marketplace, and discovered signs of threat actors already exploiting this weakness. Visual ...

Glassworm returns once again with a third round of VS code attacks

Malware is back on the OpenVSX and Microsoft Visual Studio marketplaces, researchers are warning. In mid-September this year, ...
Bleeping Computer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...
CSOonline

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...