Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers.The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/01/malicious-vs-code-ai-extensions-with-15.html
