'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

The campaign, per Proofpoint, mainly focused on individuals who specialized in international trade, economic policy, and U.S.-China relations, sending them emails spoofing the U.S.-China Business ...
Cybernews

Vibe coders lose crypto after installing extensions on popular marketplaces

Programmers using popular AI tools (Cursor, Windsurf, VSCode) get their crypto stolen by hackers, who infiltrate extension marketplaces.
Bleeping Computer

VSCode extensions with 9 million installs pulled over security risks

Microsoft has removed two popular VSCode extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two ...