Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Visual Studio Magazine

Copilot Studio Extension for VS Code Goes GA

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, version, review, and deploy Copilot Studio agents using standard software ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...

OpenAI Codex Made Simple, from Installation to MCP Tools & VSCode Tips

Get started with OpenAI Codex AI coding assistant. Learn how Codex connects to MCP servers like Figma and Jira, pulling docs ...
Bleeping Computer

Trust Wallet confirms extension hack led to $7 million crypto theft

Trust Wallet confirmed that a compromised Chrome extension update released on December 24 led to $7 million in stolen cryptocurrency after users reported their wallets drained. "So far, $7m affected ...