Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
Techzine Europe

Misuse of VS Code tasks poses risk to developers

Security researchers are increasingly citing Visual Studio Code as part of supply chain attacks on developers. Researchers at Jamf recently identified ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
Visual Studio Magazine

Buzz About VS Code Extension for Codebase Visualization

A new Visual Studio Code extension called Nogic sparked a wide-ranging Hacker News discussion, with commenters praising its ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...