GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.
VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
How-To Geek on MSN
10 VS Code extensions I can't live without
Try these extensions and you'll wonder how you ever lived without them!
The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
The new version of the programming language with a Go backend is said to be ten times faster than its predecessor, which used ...
Microsoft officially announced TypeScript 7.0 Beta on April 21, 2026. The company says TypeScript 7.0 is often 10 times faster than 6.0. The beta ships through @typescript/native-preview@beta and tsgo ...
Aikido Security is launching Aikido Endpoint, a lightweight agent designed to protect developers’ endpoints against supply ...
GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...
Catch up with this week's Microsoft stories in the latest recap. Patch Tuesday updates, bugs, Start menu reworks, Recall ...
Microsoft has embedded GitHub Copilot as a default VS Code extension in version 1.116, adding agent debug logging, terminal ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results