All articles tagged with #vscode
A renewed GlassWorm supply-chain campaign has compromised 433 components across GitHub, npm, and VSCode/OpenVSX, spreading via compromised accounts, obfuscated code, and a Solana-based C2 to harvest wallet data, credentials, and environment info; indicators include marker lzcdrtfxyqiplpd and init.json persistence, with warnings to inspect for rogue Node.js installs and unusual commit histories.
Security researchers flagged a fake Moltbot AI coding assistant extension for Visual Studio Code that auto-runs on launch, fetches payloads from malicious domains, and installs a remote-access backdoor (via ScreenConnect) with a DLL sideloading fallback, highlighting broader Moltbot misconfigurations and credential exposure across deployments.
Security researchers uncovered two VS Code extensions marketed as AI coding assistants—ChatGPT-中文版 and ChatMoss—that secretly siphon every opened file and edits to China-based servers, with about 1.5 million total installs; the same spyware runs in both extensions and can exfiltrate up to 50 files on command, plus a hidden iframe loads Chinese analytics SDKs for device fingerprinting. The report also highlights six zero-day flaws in JavaScript package managers (PackageGate) affecting npm, pnpm, vlt, and Bun, with npm declining to fix them; guidance emphasizes vetting packages, disabling lifecycle scripts, and enforcing strong token and 2FA practices to secure the software supply chain.
Forked AI-powered IDEs based on VSCode recommend extensions that are not in the official OpenVSX registry, creating a security vulnerability where threat actors can claim unregistered namespaces to upload malicious extensions. Researchers identified this issue, coordinated with affected parties, and took measures to block malicious namespace claims, advising users to verify extension sources manually.
The article discusses the beta release of Zed with native support for Claude, highlighting its speed and architectural strengths, but also noting issues with AI autocomplete accuracy, UI performance, and configuration complexity. Users compare Zed to other editors like Cursor, VSCode, and Neovim, emphasizing the importance of speed, extensibility, and user-friendly features. The discussion reflects a broader industry interest in lightweight, fast editors with robust AI integration and customizable interfaces.
Malicious extensions were uploaded to Microsoft's VSCode Marketplace, which were downloaded 46,600 times by Windows developers. The malware enabled threat actors to steal credentials, system information, and establish a remote shell on the victim's machine. While the extensions were removed, developers must manually remove them from their systems and run a complete scan to detect any remnants of the infection. Users are advised to only install extensions from trusted publishers with many downloads and community ratings, read user reviews, and always inspect the extension's source code before installing it.