A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions.

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data ...

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.