Skip to content
The Nexus
DossierENTITY

Open VSX

Coverage of Open VSX in the Nexus archive.

Earliest in view: Apr 10 · 13:23 UTCMost recent: Apr 28 · 14:59 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 28 · 14:59 UTCDARK READING
    Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

    Attackers are distributing malicious VS Code extensions via Open VSX, exploiting supply chain vulnerabilities to spread self-propagating malware. The campaign involves seeding seemingly benign extensions that act as vectors for malware propagation.

  • SECURITYApr 23 · 16:05 UTCBLEEPING COMPUTER
    New Checkmarx supply-chain breach affects KICS analysis tool

    Hackers compromised Docker images, VSCode, and Open VSX extensions for Checkmarx's KICS analysis tool to steal sensitive data from developer environments. The breach exploits the supply chain to harvest information from affected systems.

  • SECURITYApr 10 · 13:23 UTCTHE HACKER NEWS
    GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

    The GlassWorm campaign has evolved with a new Zig dropper designed to infect multiple developer IDEs. Researchers identified the threat in a malicious Open VSX extension named 'specstudio.code-wakatime-activity-tracker,' which disguises itself as the legitimate WakaTime tool.