CSOonline

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...
GIGAZINE

VSCan can detect malicious VSCode extensions

A free diagnostic tool called ' VSCan ' has been released that checks the code of extensions released for Visual Studio Code (VScode) and checks for security issues. Enter the extension's name or ID ...