Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
GitHub

Cloudsmith Visual Studio Code Extension

To install the extension, open the Extensions view, search for cloudsmith to filter results and select the Cloudsmith extension authorised by Cloudsmith. Entitlement tokens are not supported. Personal ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

If You've Installed Any of These 17 Browser Extensions, Delete Them Now

Another wave of malicious browser extensions capable of tracking user activity have been found across Chrome, Firefox, and ...

Beware - over 840,000 malicious browser extensions uncovered

These need to be uninstalled manually ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...
The Hacker News

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like ...
GitHub

Webview UI Toolkit for Visual Studio Code

The Webview UI Toolkit for VS Code will be deprecated on January 1, 2025. See the deprecation announcement for more details. Webviews are a powerful way to add custom functionality beyond what the ...
Bleeping Computer

VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing ...