Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
Cryptopolitan on MSN
Hacker target the OpenVSX ecosystem to steal crypto wallets
GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
A malicious version of the Bitwarden command-line interface (CLI) password manager was briefly distributed via the Node ...
Microsoft is making Visual Studio more agentic. New tools handle remote coding tasks and analyze live app behavior to find ...
VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.
Ready to supercharge your workflow? Microsoft just made VS Code more flexible than ever with local model support and a ...
VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Visual Studio Code 1.117 adds Copilot BYOK, faster chat streaming, and terminal fixes, giving developers more control.
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results