A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Cryptopolitan on MSN
Malicious VS Code extensions resurface, stealing GitHub credentials and crypto wallets
Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...
Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback