The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
Infosecurity-magazine.com

Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...
Techzine Europe

Vulnerable VS Code extensions affect tens of millions of developers

Security researchers have discovered three serious vulnerabilities in four popular VS Code extensions, which have been downloaded more than 120 million ...
マイナビニュース

VSCodeの個人情報盗む不正な拡張機能が配布、4.5万超ダウンロード

Check Point Software Technologiesは5月16日(米国時間)、「Malicious VSCode extensions with more than 45K downloads steal PII and enable backdoors - Check Point ...
MSN による配信

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one of the biggest perks of VS Code. While the code editor is fairly powerful ...