BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

AI VS Code forks push fake extensions, supply chain risk now

AI-powered VS Code forks recommended extensions missing from Open VSX, allowing attackers to claim unregistered namespaces and publish malicious packages that could expose secrets—vendors and the Eclipse Foundation have since implemented fixes and registry safeguards.

  • Several AI-powered forks of Microsoft Visual Studio Code (VS Code) recommended extensions that were not present in the Open VSX registry.
  • Unclaimed namespaces allowed anyone to register those extension names and upload packages, creating a supply-chain risk.
  • Attackers could publish malicious extensions that users install after seeing IDE recommendations, potentially exposing secrets and source code.
  • Vendors and the Eclipse Foundation implemented fixes and registry safeguards after responsible disclosure.

On Jan. 6, 2026, security researchers reported that AI-powered forks of Microsoft Visual Studio Code (VS Code) — including Cursor, Windsurf, Google Antigravity, and Trae — offered extension recommendations that did not exist in the Open VSX registry, creating a potential supply-chain risk, according to Malware“>Koi.

- Advertisement -

These IDEs inherit recommended extension lists from Microsoft’s marketplace. Recommendations appear in two ways: file-based prompts when opening certain file types, and software-based prompts when specific programs are installed on the host system.

Researcher Oren Yomtov described the core issue: “The problem: these recommended extensions didn’t exist on Open VSX.” Because the namespaces were unclaimed, anyone could register them and upload arbitrary packages to the registry.

As an example, an attacker could publish a package named ms-ossdata.vscode-postgresql. When a developer with PostgreSQL installed opens one of the affected IDEs, they might see “Recommended: PostgreSQL extension” and install the suggested package, which could execute malicious code and expose credentials, secrets, or source code.

Koi published placeholder packages to demonstrate the risk and reported that the PostgreSQL placeholder attracted about 500 installs. Other extension names claimed by Koi as placeholders included ms-azure-devops.azure-pipelines, msazurermtools.azurerm-vscode-tools, usqlextpublisher.usql-vscode-ext, cake-build.cake-vscode, and pkosta2005.heroku-command.

- Advertisement -

Following responsible disclosure, Cursor, Windsurf, and Google released fixes. The Eclipse Foundation removed non-official contributors from the registry and enforced broader safeguards. Developers are advised to verify publisher identities before installing recommended extensions.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Crypto’s $2T Crash Awaits BlackRock Shock & FOMO

Bitcoin has stabilized near $60,000 after a downturn erased $2 trillion from the crypto...

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Saylor and Back oppose BIP-110 fork over Bitcoin security fears

Michael Saylor and Adam Back have publicly opposed BIP-110, a temporary Bitcoin fork proposal...

China, India groups target Pakistani police in cyber espionage

Suspected China- and India-aligned threat actors targeted Pakistani law enforcement in a sustained cyber...

AMD Stock Dips 10% Amid AI Volatility Ahead of Q3 Earnings

AMD stock fell nearly 10% from $580 on June 30 to roughly $516 by...

Must Read

Are Cryptocurrency Securities?

TL;DR - Cryptocurrencies are not typically considered securities, as they are decentralized digital assets that operate independently of any central authority or government. However,...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading