Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Updated on July 8, 2025

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times.
The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025.
First released by 7finney in 2022, Ethcode is a VS Code extension that’s used to…

Read the rest of the story at Read More

Source: The Hacker News

May 9, 2025 Uncategorized

Chinese Hackers Exploit SAP RCE Flaw CVE...

November 21, 2024 Uncategorized

Google’s AI-Powered OSS-Fuzz Tool ...

June 14, 2025 Uncategorized

Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

Related posts

Chinese Hackers Exploit SAP RCE Flaw CVE...

Google’s AI-Powered OSS-Fuzz Tool ...

Discord Invite Link Hijacking Delivers A...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do