DarkGPT: Malicious Visual Studio Code Extension Targeting Developers
Malicious extensions are lurking in the Visual Studio Code marketplace. In this case, we discover and analyze DarkGPT, a Visual Studio Code extension that exploits DLL hijacking to load malicious…
Read the full articleYou might also wanna read
Malicious VS Code AI Extensions with 1.5M Installs Secretly Harvest Developer Codebases
Two popular AI coding extensions with 1.5M installs secretly harvest your entire codebase and profile you. Both are still live in the market
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplac
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories

The Wild West of VS Code extensions and how a poisoned extension breached GitHub
A poisoned VS Code extension breached GitHub yesterday, one day after Nx Console (2.2M installs) was compromised for 18 minutes on the Visua
North Korean Hackers Exploit Visual Studio Code to Deploy Backdoor Malware via Git Repositories
Jamf Threat Labs uncovers North Korean hackers exploiting VS Code to deploy backdoor malware via malicious Git repositories in the Contagiou
GlassWorm: First Self-Propagating Worm Targets VS Code Extensions with Invisible Code
A month after Shai Hulud became the first self-propagating worm in the npm ecosystem, we just discovered the world's first worm targeting VS

Comments
Sign in to join the conversation.
No comments yet. Be the first.