Bleeping Computer

Malicious VSCode extensions infect Windows with cryptominers

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero. Microsoft VSCode is a ...

Open VSX rotates tokens used in supply-chain malware attack

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...