Malicious VS Code Extensions: A Developer’s Nightmare in 2025 Unraveled!
Cybersecurity sleuths have uncovered 19 Visual Studio (VS) Code extensions that sneak malware into developers’ lives through their dependency folders. Using npm packages as a disguise, the attackers cleverly slipped harmful files past conventional checks, proving once again that even trusted extensions can be Trojan horses in disguise.
Hot Take:
Well, it looks like VS Code extensions have gone from ‘helpful developer tools’ to ‘malware delivery systems’ faster than you can say ‘Hmm, I thought I installed a code formatter, not a malware dropper.’ Who knew coding could be this thrilling? It’s like a surprise party, but the surprise is a Trojan horse in your IDE. Developers, brace yourselves; it’s time to audit those extensions like it’s tax season!
Key Points:
- 19 VS Code extensions were identified embedding malware in their dependency folders.
- Active since February 2025, the operation used an npm package to disguise malicious files.
- Attackers bypassed security checks by bundling malicious binaries in a PNG file.
- Malicious extensions imitated popular tools or advertised new features with hidden intentions.
- ReversingLabs reported a significant increase in malicious extensions in 2025.
Already a member? Log in here