'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...
Cybernews

Vibe coders lose crypto after installing extensions on popular marketplaces

Programmers using popular AI tools (Cursor, Windsurf, VSCode) get their crypto stolen by hackers, who infiltrate extension marketplaces.

VSCode extensions pulled over security risks, but millions of users have already installed

Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly pulled them and notifies users ...
GIGAZINE

A report that a fake VSCode extension was created and downloaded and that a flaw in the VSCode extension system that makes it easy to insert malicious code was also revealed

Microsoft's text editor 'Visual Studio Code (VSCode)' allows you to add functions and customize the appearance by introducing extensions. Security researchers released 'fake extensions that insert ...

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Last week, BleepingComputer reported that researchers discovered two dozen malicious extensions in the Visual Studio ...
Infosecurity-magazine.com

New Attacks Exploit VSCode Extensions and npm Packages

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns ...
Visual Studio Magazine

Python in VS Code Does Browser-Based Editing via 'github.dev' Trick

New functionality to quickly launch Visual Studio Code in the browser is being infused into more dev tooling, including the Python extension that uses the Pylance language server for language-specific ...