News

Malicious VSCode extension in Cursor IDE led to $500K crypto theft
A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one ...
CSO Online11d
Verified, but vulnerable: Malicious extensions exploit IDE trust badges
Once thought to be a reliable indicator of trust, the blue ‘check’ icon next to an extension’s name can now be spoofed.
Bleeping Computer1y
Malicious VSCode extensions with millions of installs discovered
The extension quickly gained traction, getting mistakenly installed by multiple high-value targets, including a publicly listed company with a $483 billion market cap, major security companies ...
TechRadar4mon
VSCode extensions pulled over security risks, but millions of users ...
Security researchers found malicious code hiding in two VSCode extensions; Microsoft quickly pulled them and notifies users; The developer criticized Microsoft's move, saying they were never consulted ...
ZDNet5y
Microsoft boosts programming language Python's popular VS Code ... - ZDNET
The popular Python for VS Code extension now has almost 15 million installs from Microsoft's VS Code extension marketplace, making it by far the most popular extension distributed on the site.