Visual Studio Magazine

Copilot Studio Extension for VS Code Goes GA

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, ...
Visual Studio Magazine

Buzz About VS Code Extension for Codebase Visualization

A new Visual Studio Code extension called Nogic sparked a wide-ranging Hacker News discussion, with commenters praising its ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack targeting macOS users, where ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

Moltbot is now OpenClaw - but watch out, malicious 'skills' are still trying to trick victims into spreading malware

OpenClaw skills execute locally, giving attackers direct access to sensitive files Malicious crypto-themed skills rely on ...

Dangerous new malware targets macOS devices via OpenVSX extensions

GlassWorm malware is expanding to open source platforms, targeting macOS users with infostealers.

Moltbot (Formerly Clawdbot) Already Has a Malware Problem

A Microsoft Visual Studio Code extension for Moltbot turns out to actually deliver a malware payload to unsuspecting users.

New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.
Fox News

Malicious Mac extensions steal crypto wallets and passwords

Mac users often assume they're safer than everyone else, especially when they stick to official app stores and trusted tools. That sense of security is exactly what attackers like to exploit. Security ...