Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
Techzine Europe

Glassworm malware reappears within VS Code ecosystem

The Glassworm campaign is proving to be more persistent than expected. After malicious extensions appeared in both the ...
Dark Reading

Plug-ins for Code Editors Pose Developer-Security Threat

Vulnerabilities discovered in two plug-ins for Microsoft's popular Visual Studio Code editor could allow an attacker to execute malware by tricking a developer into clicking a link, software security ...
Visual Studio Magazine

VS Code Goes on Security 'MITRE ATT&CK' with New Extension

Security firm Red Canary has open sourced a new Visual Studio Code extension that helps security analysts and engineers interact with the MITRE ATT&CK framework with the help of editor features like ...
ZDNet

Programming languages: Python and Java VS Code extensions get these new updates

Microsoft has released the March update for its popular Python extension for Visual Studio Code (VS Code), its widely used cross-platform code editor. It's also released an update for Java on VS Code ...