An Open VSX extension used by thousands of developers has been caught silently pulling a full-featured remote access trojan and infostealer from GitHub. The KhangNghiem/fast-draft extension, listed on open-vsx.org and tracked at over 26,000 downloads as of March 17, 2026, contained multiple malicious releases that executed a GitHub-hosted downloader and fetched a second-stage payload from […] The post Open VSX Extension Delivers RAT and Stealer via GitHub Downloader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/open-vsx-extension/
