Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Updated on December 9, 2025

Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.
The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take…

Read the rest of the story at Read More

Source: The Hacker News

October 16, 2025 Uncategorized

CISA Flags Adobe AEM Flaw with Perfect 1...

October 19, 2024 Uncategorized

Crypt Ghouls Targets Russian Firms with ...

June 5, 2025 Uncategorized

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Related posts

CISA Flags Adobe AEM Flaw with Perfect 1...

Crypt Ghouls Targets Russian Firms with ...

Researchers Detail Bitter APT’s Evolvi...

Leave a Comment Cancel reply

Recent News

Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

A Browser Extension Risk Guide After the ShadyPanda Campaign

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale