Cybersecurity researchers uncovered a supply chain attack on the Ethcode Visual Studio Code extension: a malicious GitHub pull request introduced a dependency that downloaded malware. The attack exemplifies the rising threat of open-source supply chain compromises targeting developer tools and ecosystems. #Ethcode #keythereum-utils
Key points
- The Ethcode extension was compromised via a malicious GitHub pull request, injecting harmful code.
- The attack involved adding a heavily obfuscated npm dependency that downloaded a second-stage payload.
- The malicious script downloaded and executed a PowerShell script, likely aiming to steal cryptocurrency or sabotage smart contracts.
- Following the discovery, Microsoft removed the extension and later reinstated it once the malicious dependency had been removed.
- This incident highlights the escalating prevalence of supply chain attacks exploiting open-source repositories and developer tools.
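
One review-time check for the pattern in the key points above, a pull request that adds an npm dependency: compare the dependency sections of `package.json` at the PR's base and head and list every added or changed entry. This is an added example, not code from Ethcode or the researchers; the manifests, package names and the name-extension heuristic are constructed assumptions.

```javascript
// Added example: list what a pull request changes in package.json dependencies.
// Manifests below are constructed sample data, not the real Ethcode files.
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Specs that bypass the registry: git/URL/tarball/local path/alias/GitHub shorthand.
function isNonRegistrySpec(spec) {
  return /^(git(\+[a-z]+)?:|https?:|file:|link:|github:|npm:)/i.test(spec) ||
         /^[\w.-]+\/[\w.-]+(#.+)?$/.test(spec);
}

// Heuristic (assumption of this example): a new name that extends an existing
// dependency's name with a suffix, e.g. "foo" -> "foo-utils", gets extra scrutiny.
function lookalikeOf(name, knownNames) {
  return knownNames.find((k) => name !== k && name.startsWith(k) && /^[-_.]/.test(name.slice(k.length))) || null;
}

function diffDependencies(baseManifest, headManifest) {
  const known = SECTIONS.flatMap((s) => Object.keys(baseManifest[s] || {}));
  const findings = [];
  for (const section of SECTIONS) {
    const base = baseManifest[section] || {};
    const head = headManifest[section] || {};
    for (const [name, spec] of Object.entries(head)) {
      const isNew = !has(base, name);
      if (!isNew && base[name] === spec) continue; // unchanged entry
      findings.push({
        section, name,
        change: isNew ? "added" : "changed",
        from: isNew ? null : base[name],
        to: spec,
        nonRegistry: isNonRegistrySpec(spec),
        lookalikeOf: isNew ? lookalikeOf(name, known) : null,
      });
    }
  }
  return findings;
}

// Constructed manifests standing in for the PR's base and head commits.
const baseManifest = { dependencies: { "example-lib": "^1.2.0", "left-helper": "2.0.1" } };
const headManifest = {
  dependencies: { "example-lib": "^1.2.0", "example-lib-utils": "^1.0.0", "left-helper": "github:someone/left-helper" },
};

for (const f of diffDependencies(baseManifest, headManifest)) {
  console.log(`${f.change} ${f.section}/${f.name}: ${f.from} -> ${f.to}`,
    f.nonRegistry ? "[non-registry]" : "", f.lookalikeOf ? `[extends ${f.lookalikeOf}]` : "");
}
```

Run in CI against the two versions of the manifest, any finding can be routed to a maintainer for explicit approval before merge; the same comparison applies to the lockfile, which this example does not parse.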
Read More: https://thehackernews.com/2025/07/malicious-pull-request-infects-6000.html