Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ongoing ...
The Hacker News

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that ...
Yahoo Finance

Metabob Launches New AI generative VSCode Extension for Revolutionary Software Code Debugging and Refactoring Tool

PALO ALTO, Calif., May 04, 2023 (GLOBE NEWSWIRE) -- Metabob announced today a new artificial intelligence (AI)-powered virtual studio code (VSCode) extension for its debugging and refactoring tool ...
Bleeping Computer

Malicious VSCode extension in Cursor IDE led to $500K crypto theft

A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto ...
CSO Online

Threat actors are spreading malicious extensions via VS marketplaces

There isn’t a consistent threat model for extension marketplaces yet, McCarthy said, making it difficult for any platform to ...
TechRadar

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Researchers found 24 malicious extensions in Visual Studio Marketplace and Open VSX Registry deploying Lumma Stealer and other malware The attack targeted cryptocurrency holders and developers, with ...
CSO Online

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain ...