GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
How-To Geek on MSN
10 VS Code extensions I can't live without
Try these extensions and you'll wonder how you ever lived without them!
Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software ...
Microsoft has embedded GitHub Copilot as a default VS Code extension in version 1.116, adding agent debug logging, terminal ...
A supply chain attack campaign is spreading invisible malicious code across GitHub, npm, and the VS Code extension marketplace, with more than 151 compromised repositories identified so far. According ...
Hundreds of GitHub accounts were accessed using credentials stolen in the VS Code GlassWorm campaign. Threat actors have been abusing credentials stolen in the VS Code GlassWorm campaign to hack ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results