Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ...
SecurityWeek

In Other News: CrowdStrike Vulnerabilities, CISA Layoffs, Mango Data Breach

Capita fined £14 million, ICTBroadcast vulnerability exploited, Spyware maker NSO acquired, CISA layoffs, Mango data breach.
Bleeping Computer

Malicious VSCode extensions infect Windows with cryptominers

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero. Microsoft VSCode is a ...