Cryptopolitan

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...
XDA Developers on MSN

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

As always, there was a coin toss to start overtime that determined who got the ball first. The referees allowed Indianapolis ...
CSO Online

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.