Malicious VSCode extensions with millions of installs discovered

Through the use of trojanized copies of the well-known “Dracula Official theme,” a group of Israeli researchers investigated the security of the Visual Studio Code marketplace and were able to “infect” over 100 businesses with malicious code. After more investigation, thousands of extensions with millions of installs were discovered in the VSCode Marketplace.

Microsoft Visual Studio Code (VSCode) is a source code editor that is widely used by professional software developers across the globe.

Additionally, Microsoft runs the Visual Studio Code Marketplace, an add-on marketplace for the IDE that offers upgrades that increase the functionality and personalization possibilities of the program.

Prior analyses have uncovered vulnerabilities in VSCode’s security that permit publisher and extension impersonation as well as extensions that pilfer developer authentication tokens read more about Malicious VSCode extensions with millions of installs discovered.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *