All articles tagged with #vscode

Checkmarx Supply-Chain Breach: Poisoned KICS Docker Images and Malicious VS Code Extensions
security · 1 month ago

Security researchers warn of a Checkmarx supply-chain breach. Attackers overwrote tags in the official checkmarx/kics Docker Hub repository (notably v2.1.20 and alpine, and added v2.1.21) with a compromised KICS binary that exfiltrates data and can encrypt scan reports and send them to an external endpoint. Separately, the Checkmarx VS Code extensions cx-dev-assist and ast-results (versions 1.17.0/1.19.0) load a remote mcpAddon.js via a hard-coded GitHub URL, enabling credential theft and propagation; the attackers injected a backdated commit to introduce a large payload. The attack uses stolen tokens to create public repos and GitHub Actions workflows, and to exfiltrate GitHub and AWS/Azure/GCP credentials, npm configs, SSH keys, and environment variables to public repos and to an endpoint controlled by the attackers. The operation also spreads through the npm ecosystem by republishing ~250 compromised packages, and 51 repos reference Checkmarx Configuration Storage in their READMEs. TeamPCP is suspected. Mitigation includes removing affected artifacts, rotating credentials, auditing GitHub workflows, reviewing npm packages, and monitoring access logs.

GlassWorm Expands to 433 Repos Across GitHub, npm, and VSCode
security · 2 months ago

A renewed GlassWorm supply-chain campaign has compromised 433 components across GitHub, npm, and VSCode/OpenVSX. It spreads via compromised accounts and obfuscated code, and uses a Solana-based C2 to harvest wallet data, credentials, and environment info. Indicators include the marker lzcdrtfxyqiplpd and init.json persistence; the guidance is to check for rogue Node.js installs and unusual commit histories.

Fake Moltbot VS Code Extension Delivers Stealth Remote-Access Backdoor
technology · 4 months ago

Security researchers flagged a fake Moltbot AI coding assistant extension for Visual Studio Code that auto-runs on launch, fetches payloads from malicious domains, and installs a remote-access backdoor (via ScreenConnect) with a DLL sideloading fallback, highlighting broader Moltbot misconfigurations and credential exposure across deployments.

Malicious AI Extensions for VS Code Steal Code and Report to China
technology · 4 months ago

Security researchers uncovered two VS Code extensions marketed as AI coding assistants—ChatGPT-中文版 and ChatMoss—that secretly siphon every opened file and edits to China-based servers, with about 1.5 million total installs; the same spyware runs in both extensions and can exfiltrate up to 50 files on command, plus a hidden iframe loads Chinese analytics SDKs for device fingerprinting. The report also highlights six zero-day flaws in JavaScript package managers (PackageGate) affecting npm, pnpm, vlt, and Bun, with npm declining to fix them; guidance emphasizes vetting packages, disabling lifecycle scripts, and enforcing strong token and 2FA practices to secure the software supply chain.

VSCode Forks Vulnerable to Extension-Based Attacks
technology · 4 months ago

Forked AI-powered IDEs based on VSCode recommend extensions that are not in the official OpenVSX registry, creating a security vulnerability where threat actors can claim unregistered namespaces to upload malicious extensions. Researchers identified this issue, coordinated with affected parties, and took measures to block malicious namespace claims, advising users to verify extension sources manually.

technology · 8 months ago

Zed Enhances AI Coding with Claude Code Beta and Gemini CLI Integration

The article discusses the beta release of Zed with native support for Claude, highlighting its speed and architectural strengths, but also noting issues with AI autocomplete accuracy, UI performance, and configuration complexity. Users compare Zed to other editors like Cursor, VSCode, and Neovim, emphasizing the importance of speed, extensibility, and user-friendly features. The discussion reflects a broader industry interest in lightweight, fast editors with robust AI integration and customizable interfaces.

Beware of Malicious VSCode Extensions Stealing Passwords and Enabling Backdoors
cybersecurity · 3 years ago

Malicious extensions uploaded to Microsoft's VSCode Marketplace were downloaded 46,600 times by Windows developers. The malware enabled threat actors to steal credentials and system information and to establish a remote shell on the victim's machine. Although the extensions have been removed from the Marketplace, developers must manually remove them from their systems and run a complete scan to detect any remnants of the infection. Users are advised to install extensions only from trusted publishers with many downloads and community ratings, read user reviews, and always inspect the extension's source code before installing it.