VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

State actors turn VS Code and repositories into malware delivery channels

Гос‑актеры превращают VS Code и репозитории в канал доставки вредоносного ПО

Colleagues, a warning: cybersecurity teams have uncovered phishing campaigns that use GitHub and VS Code as malware delivery channels.

According to Proofpoint and Yeeth, attackers send fake job offers/tasks, ask targets to clone repositories and open them in VS Code/Cursor. They leverage runOn: folderOpen, malicious VSIX extensions, platform loaders for macOS, Linux and Windows, plus malicious npm packages and task.json/Git hooks.

Nearly 100 organizations—mostly in the US—were affected; the objective is theft of crypto wallets and credentials.

Why it matters: developer tools are now a vector for mass data loss and financial harm.

What measures do you prioritize to protect developers?

#cybersecurity #supplychain #devsecops #development

Latest comments

No comments yet.