Open VSX Supply Chain Attack скачать в хорошем качестве

Open VSX Supply Chain Attack

🚨 *DEVS BEWARE!* Is your favourite VS Code extension actually a Trojan horse? 🦠 Today we’re diving into a massive *Open VSX supply chain attack* that has rocked the developer community in early 2026. *What happened?* 🕵️‍♂️ Cybersecurity researchers have uncovered that a legitimate developer account (under the name 'oorzc') was compromised to push malicious updates to four popular extensions. These tools weren’t new—some had been trusted for over two years and racked up over *22,000 downloads* before the "poisoned" versions were released! *The Hit List* 📝 If you have any of these installed, it’s time to hit delete **IMMEDIATELY**: *FTP/SFTP/SSH Sync Tool* (oorzc.ssh-tools) 🛠️ *I18n Tools* (oorzc.i18n-tools-plus) 🌐 *vscode mindmap* (oorzc.mind-map) 🧠 *scss to css* (oorzc.scss-to-css-compile) 🎨 *What is GlassWorm?* 🐛 The malicious updates deliver a loader known as **GlassWorm**. This isn't just a simple bug; it’s a sophisticated data-stealing machine designed to raid your **macOS credentials, iCloud Keychain, and Safari cookies**. It’s especially hungry for: *Crypto Wallets:* MetaMask, Exodus, Atomic, and more. 💸 *Developer Secrets:* Your `~/.aws` and `~/.ssh` credentials (this allows hackers to jump into your cloud environments!). ☁️ *Personal Data:* Apple Notes and documents from your Desktop and Downloads folders. 📂 *The Sneaky Tactics* ⛓️ The attackers are using a weaponised technique called **EtherHiding**, which uses Solana blockchain memos as a "dead drop" to rotate their infrastructure without needing to republish the extensions. Plus, the malware is programmed to skip any machines with Russian locales to avoid domestic prosecution. 🇷🇺 *Crucial Warning!* ⚠️ Even though these extensions have been removed from the Open VSX Registry, **they will not automatically uninstall from your editor**. You must manually check your extensions and remove the compromised versions to stay safe. Stay vigilant, keep your tokens secure, and always audit your supply chain! 🛡️ *Sources:* Information drawn from "Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm" by Ravie Lakshmanan, published by **The Hacker News**. #OpenVSX #CyberSecurity #MalwareAlert #VSCode #GlassWorm #SupplyChainAttack #DevSecOps #MacOSSecurity #CryptoSecurity #TheHackerNews