Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...

As always, there was a coin toss to start overtime that determined who got the ball first. The referees allowed Indianapolis ...

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.