Computer hacker holding up a bitcoin
Posted inCybersecurity News

Cyberattacker targets VSCode’s Cursor IDE via a fake Solidity language extension to steal $500k in crypto from a blockchain developer.

A sophisticated cyberattack targeted the Cursor IDE—a Visual Studio Code (VSCode) fork popular among developers for its AI-assisted coding features. Attackers published a fake extension called "Solidity Language" in the Open VSX extension marketplace, masquerading as a tool for Ethereum smart contract development. This extension was, in reality, a vehicle for malware distribution and remote access.
Sophisticated supply chain attack uncovered in popular VS Code extension “Ethcode.”
Posted inCybersecurity News

Sophisticated supply chain attack uncovered in popular VS Code extension “Ethcode.”

Cybersecurity researchers have uncovered a sophisticated supply chain attack targeting the Microsoft Visual Studio Code (VS Code) extension “Ethcode,” a tool widely used by Ethereum smart contract developers. The malicious activity highlights the growing risks associated with third-party software components in modern development environments.