The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
Hosted on MSN

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Researchers found 24 malicious extensions in Visual Studio Marketplace and Open VSX Registry deploying Lumma Stealer and other malware The attack targeted cryptocurrency holders and developers, with ...
How-To Geek on MSN

My dream Google Chrome extension didn't exist, so I vibe coded it with Claude

Your dream product could be a few prompts away.
GitHub

VSCode Neovim

Neovim is a fork of Vim to allow greater extensibility and integration. This extension uses a fully embedded Neovim instance, no more half-complete Vim emulation! VSCode's native functionality is used ...
GitHub

Enable extensions nag #308033

Please stop showing the nag popup when I disable all my extensions. I would like a way to completely disable it. Also it doesn't make sense to show this when vscode is open with the flag ...