The zero-day that could've compromised every Cursor and Windsurf user

In a recent post, Oren Yomtov, a security researcher at Koi Security (a company providing a platform for securing software provisioning and extensions), explains that while examining the build process behind OpenVSX, the open-source marketplace powering extensions for tools like Cursor, Windsurf, VSCodium, and others, he discovered a critical flaw. Dubbed VSXPloit, the single overlooked flaw in OpenVSX, a critical component in the developer supply chain, allowed silent, full-system compromise of any machine running a VS Code fork.

Behind the sleek interfaces of these editors lies a shared foundation: community-built VS Code forks and an open marketplace of extensions that powers the magic. Extensions in VS Code and its forks run as Node.js processes, which means they can access files, launch other programs, make network requests, and execute arbitrary code. This in turn means that a single compromised extension can lead to full machine takeover of anyone who installs it. There have already been isolated cases of rogue VS Code extensions stealing SSH keys or crypto wallets. A malicious update to a popular extension, say, the Python plugin, could quietly install a keylogger, steal browser cookies, swipe source code, infect builds, or backdoor entire development pipelines. This exact nightmare scenario is what Yomtov stumbled upon.

To understand how the vulnerability worked, you first need to understand how extensions make their way into OpenVSX in the first place. Every night, OpenVSX runs an automated process that fetches the latest versions of community-submitted extensions, builds them, and publishes them to the marketplace. "The nightly build is where the problem lies," says Yomtov. Extension authors submit their extensions, and from there OpenVSX takes over: it pulls the code, installs the dependencies, builds the extension, and publishes it using a powerful secret token that belongs to the trusted @open-vsx account. Because the build process runs arbitrary code from public repositories, any extension author could craft a malicious update that silently captures that token. The vulnerability therefore allowed an attacker not only to gain control over a single extension, but to set off a supply-chain armageddon by gaining full control over the entire marketplace. At first, Yomtov assumed it had to be a mistake; this code had been running for years and was used by tens of millions.

While the impact would be most severe for desktop editors like Cursor, Windsurf, and VSCodium, even browser-based environments such as Gitpod or StackBlitz could be affected, depending on how deeply integrated the compromised extensions are. Yomtov and the team at Koi Security responsibly disclosed the vulnerability to the Eclipse Foundation, which maintains the OpenVSX project.

To protect themselves, Yomtov recommends that organizations treat extensions as part of their attack surface and apply the same discipline they use for any other dependency. Extensions may feel like harmless add-ons, but under the hood they are powerful software components, often written by individuals, running with full permissions, and automatically updated without oversight. Koi's research team continues to find both vulnerable and actively malicious extensions, not just in OpenVSX or Microsoft's marketplace, but in other extension marketplaces such as the Chrome Web Store.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 11 Jul 2025 15:10:14 +0000

