#developer-security

Weaponised Visual Studio Code extensions silently infected developer machines, stealing credentials, system data, and cryptocurrency at scale.

Source: Trend Micro

Five npm packages typosquatting Solana and Ethereum libraries exfiltrate private keys to a Telegram bot, putting developers’ cryptocurrency wallets at high risk.

Source: Socket

A crafted phishing link can trick developers into installing a malicious MCP configuration in Cursor IDE, executing attacker commands and even spawning reverse shells with user-level privileges.

Source: Proofpoint

Researchers discovered automated scripts in NuGet packages that clone, modify, and inflate malicious library downloads, posing supply-chain risks for developers.

Source: ReversingLabs

Default VS Code configurations in GitHub Codespaces enable attackers to trigger remote code execution via malicious repositories or pull requests, risking token and secret theft.

Source: Orca Security

The Rust package registry is surfacing vulnerability data earlier and tightening risky publishing paths to reduce supply-chain exposure.

Source: Socket

Malicious Visual Studio Code extensions quietly siphoned full projects and edits from up to 1.5 million developers.

Source: Koi