CyberSecurityBoard
Sponsor Register Login

Developers Beware of Malicious VS Code Extension Apps With Million of Installations

Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as legitimate productivity tools, covertly execute malicious code while developers focus on their programming tasks. Once installed, these extensions gain access to local files, potentially exfiltrating source code, API keys, and other sensitive information stored in development environments. The malware campaign has primarily targeted JavaScript and Python developers, with extensions promising features like code formatting, snippet generation, and automation capabilities. “These extensions aren’t merely stealing credentials; they’re designed to maintain persistence and potentially introduce subtle vulnerabilities that can later be exploited in deployed applications,” Ronen explained after analyzing several of the malicious extensions. The extensions also check for debugging environments and security tools before deploying their payloads, demonstrating sophisticated anti-analysis capabilities. Security experts warn that the extensions could potentially create backdoors in software during the development process, introducing vulnerabilities into production systems. Many of the malicious extensions initially entered the marketplace with clean code, only later introducing malicious functionality through updates. This technique allows the malware to bypass static code analysis tools since the malicious code never appears directly in the extension’s source. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The extensions appear fully functional while concealing their true purpose, making them particularly dangerous as they operate within one of the most trusted development environments in the industry. While Microsoft implements security measures, the sheer volume of extensions creates challenges for comprehensive vetting. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The attack exploits VS Code’s robust extension ecosystem, which allows developers to customize their environment with thousands of community-created tools.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 08 Apr 2025 14:25:11 +0000


Cyber News related to Developers Beware of Malicious VS Code Extension Apps With Million of Installations

Building For a More Secure Future: How Developers Can Prioritize Cybersecurity - At the time, he was breaking new ground, repeating those words to help convince his teams on how crucial developers were going to be to the success of their platform. While the focus may have been initially on enterprise B2B platforms with Microsoft, ...
1 year ago Cyberdefensemagazine.com
ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store - On Android devices, one of the apps analyzed by researchers has more than 100,000 downloads, tracks, and shares location data with ByteDance and Amazon, etc. ChatGPT, the AI software, has already taken the Internet by storm, and that is why ...
2 years ago Hackread.com Everest
Malicious Android 'Vapor' apps on Google Play installed 60 million times - Although all of these apps have since been removed from Google Play, there's a significant risk that Vapor will return through new apps as the threat actors have already demonstrated the ability to bypass Google's review process. Bitdefender ...
3 months ago Bleepingcomputer.com
Google Online Security Blog: I/O 2024: What's new in Android security and privacy - As their tactics evolve in sophistication and scale, we continually adapt and enhance our advanced security features and AI-powered protections to help keep Android users safe. Today, we're announcing more new fraud and scam protection features ...
1 year ago Security.googleblog.com Cloak
Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk - Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they are notoriously hard to trust. In an age when technology is constantly evolving, it is almost impossible to tell if a ...
1 year ago Cysecurity.news
Mastering Cybersecurity: Developer Training - Discover how to create an effective and engaging training program for your developers. Create a security training program with clearly defined goals to influence your developers to prioritize learning. Developers are likelier to participate and exert ...
1 year ago Feeds.dzone.com Equation
What Do Apple's EU App Store Changes Mean for App Developers? - In order to comply with the European Union's Digital Markets Act, Apple announced on Jan. 25 changes to its payment system for app sellers in the EU, and that it was letting go of the hold its App Store has over iOS app distribution in the EU. As ...
1 year ago Techrepublic.com
Developers Beware of Malicious VS Code Extension Apps With Million of Installations - Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as ...
2 months ago Cybersecuritynews.com
Halting Hackers on the Holidays 2023 Part II: The Apps You Trust - Most free flashlight apps are creepware - also known as malware that spies on you and your online behavior and could pass along information to others. The problem doesn't begin and end with flashlight apps, though. Many seemingly innocuous apps that ...
1 year ago Cyberdefensemagazine.com
Ushering in the Next Phase of Mobile App Adoption: Bolstering Growth with Unyielding Security - In recent years, mobile apps have surged in popularity providing consumers with instant access to a variety of life essentials such as finances, education, and healthcare to life's pleasures such as shopping, sports, and gaming. With the popularity ...
1 year ago Cyberdefensemagazine.com
Alert: iPhone Push Notifications Exploited Users Data - The security researcher found users privacy concerns in iPhone push notifications, the apps accessing the accelerometer. It also details some privacy concerns regarding app access to this sensor. Some apps have been found to collect accelerometer ...
1 year ago Hackersonlineclub.com
This year's resolution: remove nosey apps from your device - Some apps are plain greedy-like a stranger you invite for a meal who insists on ordering everything on the menu. Here's what upset me: After I downloaded the companion app that helps control it for my phone, the app wanted permission to make and ...
1 year ago Blog.avast.com
Cybersecurity Industry Gains $1.7 Billion to Develop Cutting-Edge Protection Technologies - As digital threats grow in sophistication, the cybersecurity sector has ignited a funding frenzy, with startups raising $1.7 billion in April 2025 alone ahead of the RSA Conference in San Francisco. As banks and fintechs face a 40% spike in ...
1 month ago Cybersecuritynews.com
Attack of the copycats: How impostor apps and fake app mods could bite you - Instant communication services are among the most popular apps on iOS and Android alike - US non-profit operation Signal has an estimated 40 million users, with the figure rising to 700 million for Telegram, another open-source messaging service. ...
1 year ago Welivesecurity.com
10 Key Things You Need to Know About the Sophisticated Vastflux Ad Fraud Scheme - At the end of April 2015, researchers from Distil Networks reported the discovery of a sophisticated ad fraud network, Vastflux, which had been around since at least January 2014. The network used sophisticated malware targeting both iOS and Android ...
2 years ago Securityweek.com
Android 15, Google Play get new anti-malware and anti-fraud features - Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices. Announced at Google I/O 2024, the new features are designed not only to help end users but also ...
1 year ago Bleepingcomputer.com
Shift-left Convergence with Generative AI Improves the Programmer's Role - The ongoing 'shift left' movement in software development - where testing and quality control measures are moved earlier in the application lifecycle - is pushing developers into less familiar areas such as security. While intended to deliver more ...
1 year ago Feedpress.me
Part 2: Smart Shift Left - In my previous blog post, we discussed the state of the union for shift left and and how many organizations are not implementing correctly. Recognizing the consequences of a poor shift left model. Many of the high friction points with a poor shift ...
1 year ago Feedpress.me
Over 90 malicious Android apps with 5.5M installs found on Google Play - Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. Anatsa is a banking trojan that targets over 650 ...
1 year ago Bleepingcomputer.com
5 Tips for Strengthening the Developer-Security Team Relationship - COMMENTARY. In the ever-evolving realm of software development, the interaction between developers and security teams is critically important, with security analysts typically depending on developers to address vulnerabilities in previously written ...
1 year ago Darkreading.com
With the Right Support, Developers Can Lead Your Organization to Superior PCI-DSS 4.0 Compliance - The Payment Card Industry Data Security Standard version 4.0 will change almost everything about security for any business or organization that accepts electronic payments, which is a vast majority of them. Make no mistake, this update will be ...
1 year ago Feeds.dzone.com
Stytch offers toolkit for developers to build, implement, and customize passkey-based authentication - Stytch announced its Passkeys offering, giving developers the easiest way to build, customize and maintain passkey-based authentication in their applications. Stytch's new solution offers a flexible, API-first approach to passkeys that abstracts the ...
1 year ago Helpnetsecurity.com
Malicious Chrome extensions can spoof password managers in new attack - In SquareX's demonstration, the attackers impersonate the 1Password password manager extension by first disabling the legitimate one using the 'chrome.management' API, or if the permissions aren't available, user interface manipulation tactics to ...
3 months ago Bleepingcomputer.com
Google Adds Gemini Pro API to AI Studio and Vertex AI - Google also announced Duet AI for Developers and Duet AI in Security Operations, but neither uses Gemini yet. Starting Dec. 13, developers can use Google AI Studio and Vertex AI to build applications with the Gemini Pro API, which allows access to ...
1 year ago Techrepublic.com
Android App Security Alert: Proactive Measures to Prevent Unauthorized Control - The latest security alert comes from Microsoft's team who discovered a new vulnerability that may give hackers complete control of your smartphone. The latest security alert is triggered by the discovery of a new security flaw which can allow hackers ...
1 year ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)