Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension…
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive
Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a…
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Oct 31, 2025Ravie LakshmananMalware / Secure Coding Eclipse Foundation, which maintains the…
Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack
Oct 24, 2025Ravie LakshmananDevOps / Malware Cybersecurity researchers have discovered a self-propagating…
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Jul 28, 2025Ravie LakshmananMalware / Developer Tools In what's the latest instance…
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
Jul 01, 2025Ravie LakshmananDeveloper Security / Software Development A new study of…