Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...
TechRadar

Malicious Microsoft VSCode AI extensions might have hit over 1.5 million users

Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Mashable

Do you have one of these 17 browser extensions? They could be tracking your browsing history.

The biggest stories of the day delivered to your inbox.
PC Magazine

Using Browser Extensions to Translate or Download Videos? Better Check They're Not One of ...

Using Browser Extensions to Translate or Download Videos? Better Check They're Not One of These 17 Malicious Add-Ons Cybersecurity firm LayerX uncovers 17 malicious extensions that can enable click ...
ZDNet

The best VPN extensions for Chrome in 2026: Expert tested and reviewed

ZDNET experts put every product through rigorous testing and research to curate the best options for you. If you buy through our links, we may earn a commission. Learn Our Process 'ZDNET Recommends': ...