News Flaws in popular VSCode extensions expose developers to attacks
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collecti...
Extensions
News 
News 30万人のユーザーを持つ偽のAI Chrome拡張機能、認証情報と電子メールを盗む
30万人以上のユーザーがインストールしている悪質なChrome拡張機能30セットが、AIアシスタントになりすまして認証情報、メール内容、閲覧情報を盗んでいる。 これらの拡張機能の中には、Chrome ウェブストアにまだ存在し、数万人のユーザ...
News New GlassWorm attack targets macOS via compromised OpenVSX extensions
A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data,...
News Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 mil...
News 悪質なGhostPosterブラウザ拡張機能、84万インストール見つかる
GhostPosterキャンペーンに関連する別の17の悪意のある拡張機能のセットが、Chrome、Firefox、Edgeのストアで発見され、合計84万インストールが蓄積された。 GhostPosterキャンペーンは、12月にKoi Sec...
News VSCode IDE forks expose users to “recommended extension” attacks
Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae,...
News New GlassWorm malware wave targets Macs with trojanized crypto wallets
A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that de...
News Zoom Stealer browser extensions harvest corporate meeting intelligence
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsof...
News Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack
Trust Wallet says attackers who compromised its browser extension right before Christmas have drained approximately $7 m...
News GhostPoster attacks hide malicious JavaScript in Firefox addon logos
A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with mor...