visual studio code Archives • Daily CyberSecurity

Fake AI Assistant: Malicious “ClawdBot” Extension Hides Trojan in VS Code ClawdBot Malware VS Code Trojan

Fake AI Assistant: Malicious “ClawdBot” Extension Hides Trojan in VS Code

Do Son January 29, 2026

The viral popularity of AI coding assistants has attracted a new kind of predator. On January 27,...

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

Do Son January 26, 2026

Cyber spies aligned with North Korea are now weaponizing a tool beloved by developers worldwide—Visual Studio Code—to...

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions KTLVdoor backdoor - CoffeeLoader Malware

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

Do Son January 21, 2026

The tools that software developers trust most are being turned against them in a sophisticated new malware...

A New Era for AI Coding: OpenAI’s Codex Gets a Major Update Codex, Visual Studio Code

A New Era for AI Coding: OpenAI’s Codex Gets a Major Update

Do Son September 2, 2025

OpenAI has recently announced a major update to its AI-powered coding tool Codex, introducing a new Microsoft...

Coding with GPT-5: Microsoft Integrates New AI Powerhouse into Visual Studio Code Visual Studio Code, GPT-5

Coding with GPT-5: Microsoft Integrates New AI Powerhouse into Visual Studio Code

Do Son August 9, 2025

Following OpenAI’s release of GPT-5, Microsoft is now actively working to integrate the model into its own...

ByteDance’s Trae IDE Under Fire: AI Coding Tool Caught Telemetry Spying Even After Opt-Out Trae IDE, Telemetry Privacy

ByteDance’s Trae IDE Under Fire: AI Coding Tool Caught Telemetry Spying Even After Opt-Out

Do Son July 29, 2025

Trae IDE, an AI-powered programming tool and integrated development environment (IDE) developed by ByteDance, has recently come...

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer Cursor AI, Crypto Theft

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Do Son July 15, 2025

A fraudulent extension for the Cursor AI IDE—an editor built upon Microsoft’s open-source Visual Studio Code—was used...

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Do Son July 9, 2025

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

Electron Flaws: ASAR Bypass & Buffer Overflow Threaten Desktop Apps Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Electron Security Sandbox Escape Electron Vulnerabilities, Desktop App Security

Electron Flaws: ASAR Bypass & Buffer Overflow Threaten Desktop Apps

Do Son July 1, 2025

The Electron team has published a new security advisory addressing two significant vulnerabilities that could impact a...

ShibaCoin Ransom: Microsoft Disables Infected VS Code Extensions

Do Son March 25, 2025

Microsoft, having previously apologized and reinstated developer themes following an erroneous deletion of two popular Visual Studio...

MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan

Do Son January 8, 2025

On January 8, 2025, the Japanese National Police Agency (NPA) issued a critical warning regarding ongoing cyberattacks...

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Do Son December 11, 2024

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to...

Developers Beware: Supply Chain Attacks Target Visual Studio Code Extensions Visual Studio Code threat

Developers Beware: Supply Chain Attacks Target Visual Studio Code Extensions

Do Son April 3, 2024

In a concerning development for the software industry, security researchers at ReversingLabs have uncovered a new threat...

PoC Exploit Published for Visual Studio Code RCE Vulnerability (CVE-2023-36742) CVE-2023-36742 PoC

PoC Exploit Published for Visual Studio Code RCE Vulnerability (CVE-2023-36742)

Do Son November 22, 2023

Security researchers have disclosed technical details for a Visual Studio Code remote code execution vulnerability (CVE-2023-36742, CVSS...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

visual studio code

Fake AI Assistant: Malicious “ClawdBot” Extension Hides Trojan in VS Code

The Developer’s Backdoor: North Korea Weaponizes Visual Studio Code

“Evelyn Stealer” Weaponizes Visual Studio Code Extensions

A New Era for AI Coding: OpenAI’s Codex Gets a Major Update

Coding with GPT-5: Microsoft Integrates New AI Powerhouse into Visual Studio Code

ByteDance’s Trae IDE Under Fire: AI Coding Tool Caught Telemetry Spying Even After Opt-Out

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Electron Flaws: ASAR Bypass & Buffer Overflow Threaten Desktop Apps

ShibaCoin Ransom: Microsoft Disables Infected VS Code Extensions

MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Developers Beware: Supply Chain Attacks Target Visual Studio Code Extensions

PoC Exploit Published for Visual Studio Code RCE Vulnerability (CVE-2023-36742)