Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...

A new malware-as-a-service (MaaS) called 'Stanley' promises malicious Chrome extensions that can clear Google's review ...

Two VSCode extensions are harvesting sensitive data and sending it to China.

A VS Code extension that brings spec-driven development to Codex CLI, leveraging the powerful AI capabilities of the VS Code Codex extension. Manage your specs, steering documents, and custom prompts ...

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Cybersecurity firm LayerX uncovers 17 malicious extensions that can enable click fraud, user tracking, and more. The most popular extension was downloaded more than 500K times.

Track your coding activity automatically and build a comprehensive history of your development journey. This VS Code extension seamlessly records your coding sessions and commits them to a GitHub ...

Another wave of malicious browser extensions capable of tracking user activity have been found across Chrome, Firefox, and ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

The Malwarebytes blog warns of a new wave of compromised browser extensions. The technique used, called steganography, is ingenious: A group of researchers found 17 new contaminated extensions ...

Malicious sleeper browser extensions are spying on users across Firefox, Chrome, and Edge. Here’s how they work and how to ...