CSO Online

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain ...

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with ...

Dangerous and invisible worm found in Visual Studio Code extensions

A malware that steals credentials and cryptocurrencies uses Unicode for invisible code and installs a remote access trojan.
SecurityWeek

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware

Visual Studio developers are targeted with a self-propagating worm in a sophisticated supply chain attack through the OpenVSX ...

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual ...