GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official ...

A malicious extension was published on Microsoft ’s official VS Code marketplace, and was able to remain there for some time ...
CSO Online

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...
The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...
Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Techzine Europe

Invisible malware spread via VS Code extensions

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...
Visual Studio Magazine

Microsoft Details How 'Agents Took Over VS Code in 2025'

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...