Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

CentryNex

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers.
The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio

SOURCE:

Share the Post:

Related News

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Cybersecurity researchers have discovered an ongoing campaign that’s targeting Indian users with a multi-stage backdoor as part of a suspected

⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

CentryNex

Related News

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

Company

Services

Contact Us