Cybersecurity researchers have uncovered a flaw in the Visual Studio Code Marketplace that allows malicious actors to reuse the names of deleted extensions, opening the door to supply chain attacks. The discovery highlights the risks of name reuse in open-source and package ecosystems and underscores the need for stronger publishing controls and supply chain monitoring. #VisualStudioCode #SupplyChainThreats
Key points
- The loophole permits reuse of extension names after they are removed from the Marketplace.
- Threat actors have published malicious extensions under near-identical names that download PowerShell payloads and demand a ransom paid in Shiba Inu tokens.
- Visual Studio Code's naming rules do not prevent a name from being reused once the original extension is deleted, unlike package repositories such as PyPI.
- Leaked chat logs and recent findings reveal efforts to poison open-source repositories with ransomware libraries.
- Security experts emphasize the importance of comprehensive monitoring and automated scanning of software supply chains.
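Because the Marketplace identifies an extension by its full `publisher.name` identifier, a pinned allowlist keyed on that full identifier is enough to catch an extension that reappears under a different publisher. The script below is an added example written for this summary; it is not code from the article, from the researchers or from Microsoft. It assumes the plain `publisher.name` per line format that `code --list-extensions` prints (tolerating an `@version` suffix from `--show-versions`), and both the allowlist and the installed list are constructed placeholders, not real Marketplace entries.

```python
"""Audit installed VS Code extensions against a pinned allowlist of full
Marketplace identifiers (<publisher>.<name>) and flag any extension whose
name matches a pinned one but whose publisher differs, which is exactly the
pattern that name reuse after deletion makes possible."""

from __future__ import annotations

from dataclasses import dataclass

# Constructed allowlist of vetted extensions. The identifiers are
# placeholders for this example, not real Marketplace entries.
PINNED = {
    "ms-python.python",
    "esbenp.prettier-vscode",
    "example-pub.shiba",
}

# Constructed sample of `code --list-extensions` output, one publisher.name
# per line. 'example-pubc.shiba' reuses a pinned name under another
# publisher; 'someone.totally-new' was never vetted at all.
INSTALLED_SAMPLE = """\
ms-python.python
esbenp.prettier-vscode
example-pubc.shiba
someone.totally-new
"""


@dataclass(frozen=True)
class Finding:
    extension_id: str
    reason: str


def parse_extension_id(ext_id: str) -> tuple[str, str]:
    """Split 'publisher.name[@version]' into (publisher, name), lower-cased.

    Publisher IDs do not contain dots, so the first dot is the separator and
    the remainder is the extension name. Lower-casing is a defensive choice
    so that 'Publisher.Name' and 'publisher.name' compare equal.
    """
    ext_id = ext_id.strip().split("@", 1)[0]  # drop a --show-versions suffix
    publisher, sep, name = ext_id.partition(".")
    if not sep or not publisher or not name:
        raise ValueError(f"not a publisher.name identifier: {ext_id!r}")
    return publisher.lower(), name.lower()


def audit(installed_lines, pinned=PINNED) -> list[Finding]:
    """Return one Finding per installed extension that is not pinned.

    A name that is pinned under a different publisher is reported separately
    from a completely unknown extension, because the former is the
    name-reuse / lookalike case that deserves the closer look.
    """
    pinned_ids: set[str] = set()
    publishers_by_name: dict[str, set[str]] = {}
    for ext_id in pinned:
        pub, name = parse_extension_id(ext_id)
        pinned_ids.add(f"{pub}.{name}")
        publishers_by_name.setdefault(name, set()).add(pub)

    findings: list[Finding] = []
    for line in installed_lines:
        if not line.strip():
            continue
        pub, name = parse_extension_id(line)
        full_id = f"{pub}.{name}"
        if full_id in pinned_ids:
            continue
        if name in publishers_by_name:
            expected = ", ".join(sorted(publishers_by_name[name]))
            findings.append(Finding(
                full_id,
                f"publisher mismatch for name {name!r}: expected {expected}, got {pub!r}",
            ))
        else:
            findings.append(Finding(full_id, "not in pinned allowlist"))
    return findings


if __name__ == "__main__":
    # On a real workstation: code --list-extensions | python3 this_script.py
    # would replace INSTALLED_SAMPLE with sys.stdin; the sample keeps it offline.
    for finding in audit(INSTALLED_SAMPLE.splitlines()):
        print(f"{finding.extension_id}: {finding.reason}")
```

The check is deliberately strict: an extension is only accepted when both halves of the identifier match. Matching on the bare extension name, as a human glancing at the Marketplace tends to do, is precisely what a re-registered name under a fresh publisher exploits.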
Read More: https://thehackernews.com/2025/08/researchers-find-vs-code-flaw-allowing.html