VSCodium-Based Malicious VS Code Extension Found Stealing Sensitive Data

A newly discovered malicious Visual Studio Code extension, based on VSCodium, has been found stealing sensitive data from developers. This extension masquerades as a legitimate tool to gain trust and infiltrate development environments. Once installed, it exfiltrates credentials, source code, and other confidential information, posing a significant threat to software supply chains and developer security. The attack highlights the increasing risks associated with third-party extensions in popular development platforms like VS Code. Developers are urged to verify the authenticity of extensions and monitor network activity for suspicious behavior. Security experts recommend using official marketplaces and enabling multi-factor authentication to mitigate such risks. This incident underscores the need for enhanced scrutiny and security measures in software development ecosystems to prevent data breaches and intellectual property theft.

This Cyber News was published on thehackernews.com. Publication date: Mon, 10 Nov 2025 01:29:02 +0000

Cyber News related to VSCodium-Based Malicious VS Code Extension Found Stealing Sensitive Data

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com

VSCodium-Based Malicious VS Code Extension Found Stealing Sensitive Data - A newly discovered malicious Visual Studio Code extension, based on VSCodium, has been found stealing sensitive data from developers. This extension masquerades as a legitimate tool to gain trust and infiltrate development environments. Once ...
4 months ago Thehackernews.com

The zero-day that could've compromised every Cursor and Windsurf user - In a recent post Yomtom explains that while examining the build process behind OpenVSX, the open-source marketplace powering extensions for tools like Cursor, Windsurf, VSCodium, and others, he discovered a critical flaw. Dubbed VSXPloit: A single ...
8 months ago Bleepingcomputer.com

Malicious Chrome extensions can spoof password managers in new attack - In SquareX's demonstration, the attackers impersonate the 1Password password manager extension by first disabling the legitimate one using the 'chrome.management' API, or if the permissions aren't available, user interface manipulation tactics to ...
1 year ago Bleepingcomputer.com

361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
1 year ago Bleepingcomputer.com

CVE-2025-52882 - Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an ...
8 months ago

Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 year ago Cybersecurity-insiders.com