Malicious VSCode extensions found in Marketplace steal data and credentials, exposing global developers to major supply chain risks.

A recent discovery has shaken the Visual Studio Code (VSCode) ecosystem, unveiling a sophisticated supply chain attack targeting developers worldwide. At least a dozen malicious extensions were identified in the official VSCode Marketplace, with four remaining active as of the time of reporting. These plugins, some disguised as legitimate productivity tools, infiltrated developer environments, laying […] The post 12 Malicious Extension in VSCode Marketplace Steal Source Code and Exfiltrate Login Credentials appeared first on Cyber Security News.