Malicious Pull Request Hits 6,000+ Developers: How the Ethcode VS Code Extension Became a Supply Chain Attack Target
|

Malicious Pull Request Hits 6,000+ Developers: How the Ethcode VS Code Extension Became a Supply Chain Attack Target

ByInnoVirtuoso

What happens when your favorite developer tool turns into a cybersecurity nightmare overnight? If you use the Ethcode VS Code extension, you might have just dodged a digital bullet. In June 2025, a savvy but malicious actor exploited a surprising vulnerability—slipping dangerous code into a popular open-source project. Over 6,000 developers were at risk, and…

The Hidden Dangers of Verified IDE Extensions: Unmasking the New Supply Chain Threat
|

The Hidden Dangers of Verified IDE Extensions: Unmasking the New Supply Chain Threat

ByInnoVirtuoso

In the world of software development, we all crave efficiency, speed, and convenience. Integrated development environments (IDEs) promise exactly that: streamlined programming, smarter debugging, and a dazzling array of features—all in one tidy package. But as IDEs become more powerful and customizable, a silent threat is lurking beneath their polished surface. Recent research reveals that…