Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...

Fake AI Chrome extensions with 300K users steal credentials, emails

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

Coupert: The Free Browser Extension That Automatically Finds Coupons, Cash Back & Better Prices

The post Coupert: The Free Browser Extension That Automatically Finds Coupons, Cash Back & Better Prices appeared first on Android Headlines.
Technobezz on MSN

GlassWorm malware hits macOS via compromised VS Code extensions

Malware targets macOS developers via compromised VS Code extensions, stealing credentials and crypto data via blockchain-based C2..