VSCode IDE forks expose users to "recommended extension" attacks
1 day ago · Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the …
Forked VSCode IDEs Put Users at Risk from Recommended ...
2 days ago · AI‑driven IDEs like Cursor, Windsurf, Antigravity, and Trae suggest extensions that don’t exist in OpenVSX, letting attackers claim those namespaces and upload malware. These forks …
AI VS Code forks push fake extensions, supply chain risk now
1 day ago · Several AI-powered forks of Microsoft Visual Studio Code (VS Code) recommended extensions that were not present in the Open VSX registry. Unclaimed namespaces allowed anyone …
VSCode fork extension attack: hijacked recommendations
1 day ago · IDE prompts for extensions whose namespaces were created within the last 14 days. Recommendations that point to publishers without corporate verification or with zero download …
Malicious VS code extensions and the new developer supply ...
Malicious VS Code extensions are becoming a major supply-chain threat. Learn how attackers target developers and how to detect, prevent, and remediate the risk.
Dangerous VS Code Extensions Expose Developers to Remote ...
Recent research by security expert Mazin Ahmed has revealed how attackers can exploit these extensions to gain full control over developers’ machines, potentially exposing sensitive data, API …
[BleepingComputer] VSCode IDE forks expose users to ... - GitHub
2 days ago · Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the …