VS Code Archives • Daily CyberSecurity

Clever Phishing Campaign Exploits Corporate Trust in Pakistan VS Code Remote Tunnels abuse

Clever Phishing Campaign Exploits Corporate Trust in Pakistan

Do Son May 26, 2026

A sophisticated cyber espionage operation recently targeted prominent public safety organizations in Pakistan. Specifically, the threat actors...

The Sleeper in Your IDE: Unmasking the 73-Extension “GlassWorm” Espionage Campaign GlassWorm Campaign Sleeper Extensions

The Sleeper in Your IDE: Unmasking the 73-Extension “GlassWorm” Espionage Campaign

Do Son April 30, 2026

A sophisticated cyber-espionage operation, dubbed the GlassWorm campaign, is rapidly expanding its footprint within the open-source community....

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Do Son April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

GitHub Abruptly Terminates All Copilot Pro Trials Amid Massive Abuse GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

GitHub Copilot Pro trial suspension GitHub Actions Platform Fee, Self-Hosted Runner Tax 2026 GitHub Apple ID, Privacy Login GitHub Microsoft Github disruptions CVE-2025-30066 GitHub Outage, Service Disruption

GitHub Abruptly Terminates All Copilot Pro Trials Amid Massive Abuse

Do Son April 16, 2026

As previously noted, GitHub announced a suspension of all Copilot Pro complimentary trials, a decision precipitated by...

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests GitHub Copilot PR advertising

The Stealth Pitch: Why GitHub Copilot is Secretly Injecting Ads Into Your Pull Requests

Do Son March 31, 2026

Recently, a developer disclosed that their team employed GitHub Copilot to rectify trivial typographical errors within a...

The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots

Do Son March 4, 2026

Cybersecurity researchers at Socket have uncovered a sophisticated security breach affecting the popular Aqua Trivy VS Code...

The Dev Environment Trap: 128 Million Users at Risk as Top VS Code Extensions Unmask Critical Flaws VS Code extension vulnerabilities 2026

The Dev Environment Trap: 128 Million Users at Risk as Top VS Code Extensions Unmask Critical Flaws

Do Son February 20, 2026

Ubiquitous extensions for Visual Studio Code, boasting a cumulative download count exceeding 128 million, have been unmasked...

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

“Contagious” Code: North Korean Hackers Infiltrate Developer Workflows via Visual Studio Code

Do Son January 21, 2026

The “Contagious Interview” campaign, a sophisticated cyber-espionage operation attributed to North Korean (DPRK) threat actors, has evolved...

VS Code Supply Chain Attack: 19 Extensions Used Typosquatting & Steganography to Deploy Rust Trojan

Do Son December 15, 2025

A sophisticated malware campaign has been uncovered within the Visual Studio Code (VS Code) Marketplace, exposing a...

The Silent Spy: How Chinese Hackers are Exploiting U.S.-China Policy Chinese espionage groups APT35 Phishing, Stormshield CTI

The Silent Spy: How Chinese Hackers are Exploiting U.S.-China Policy

Do Son September 18, 2025

State-aligned Chinese threat actor TA415 (also tracked as APT41, Brass Typhoon, Wicked Panda) has launched a series...

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

libheif Vulnerability CVE-2025-65586 Trend Micro RCE CVE-2025-69258 SessionReaper CVE-2025-54236 VS Code Marketplace, supply chain attack npm Supply Chain, Toptal Compromise Ruckus AP Vulnerability

A Dangerous Loophole in the VS Code Marketplace Is Allowing Malicious Extensions

Do Son September 1, 2025

ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows...

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer Cursor AI, Crypto Theft

Cursor AI IDE Hacked: Fraudulent Extension Steals $500K in Crypto from Russian Developer

Do Son July 15, 2025

A fraudulent extension for the Cursor AI IDE—an editor built upon Microsoft’s open-source Visual Studio Code—was used...

VS Code ETHcode Extension Hacked: Just 2 Lines of Code Led to Supply Chain Compromise Via GitHub PR

Do Son July 9, 2025

Researchers at ReversingLabs (RL) have uncovered a supply chain compromise of the popular ETHcode extension for Visual...

Malicious VS Code Extensions Deliver Spyware, Steal Crypto Credentials VS Code security, crypto wallet theft

Malicious VS Code Extensions Deliver Spyware, Steal Crypto Credentials

Do Son May 23, 2025

In a detailed report published by Datadog Security Research, threat actor MUT-9332 has been linked to a...

VS Code in the Browser at Risk: code-server Security Alert code-server, VS Code, security

VS Code in the Browser at Risk: code-server Security Alert

Do Son May 12, 2025

A newly disclosed security advisory reveals a vulnerability in the widely popular code-server project, which enables users...

Critical Alert 1 Active Exploit Detected Today