Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Dark Reading

LLM Hijackers Quickly Incorporate DeepSeek API Keys

Sophisticated "LLMjacking" operations have obtained stolen access to DeepSeek models, just weeks after their public release. Most recently, researchers from Sysdig observed hyperactive LLMjacking ...
Bleeping Computer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...