IDE Extensions Like VSCode Allow Attackers to Bypass Trust Checks and Deliver Malware to Developer Systems
Posted: Thu Jul 03, 2025 7:47 am
OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCode), Visual Studio, IntelliJ IDEA, and Cursor.
These tools, essential to millions of developers worldwide, rely heavily on third-party extensions to enhance functionality.
https://gbhackers.com/ide-extensions-li ... attackers/
These tools, essential to millions of developers worldwide, rely heavily on third-party extensions to enhance functionality.
https://gbhackers.com/ide-extensions-li ... attackers/