Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Updated on November 3, 2025

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck.
According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to…

Read the rest of the story at Read More

Source: The Hacker News

November 1, 2024 Uncategorized

New Phishing Kit Xiū gǒu Targets Users...

September 2, 2024 Uncategorized

Next-Generation Attacks, Same Targets &#...

October 18, 2025 Uncategorized

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

Related posts

New Phishing Kit Xiū gǒu Targets Users...

Next-Generation Attacks, Same Targets &#...

New .NET CAPI Backdoor Targets Russian A...

Leave a Comment Cancel reply

Recent News

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide