Hidden "Glassworm" malware spreads through infected VS Code extensions

A new malware worm campaign has infected multiple Microsoft Visual Studio Code extensions using invisible Unicode characters ...
CSO Online

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...
Bleeping Computer

Microsoft Visual Studio Code flaw lets extensions steal passwords

Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS ...