Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

Fake Moltbot AI assistant just spreads malware - so watch out for scams

Moltbot doesn't have a VSCode extension - you're downloading malware instead ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.

Dangerous new malware targets macOS devices via OpenVSX extensions

GlassWorm malware is expanding to open source platforms, targeting macOS users with infostealers.

Viral Moltbot AI assistant raises concerns over data security

Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation ...
Visual Studio Magazine

Google's Antigravity IDE Sparks Forking Debate

Google's new AI-powered Antigravity IDE has triggered an intense discussion among developers after many users quickly concluded that the tool is based on Microsoft's Visual Studio Code. A Hacker News ...