#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Visual Studio Code | Breaking Cybersecurity News | The Hacker News

Category — Visual Studio Code
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

Sep 17, 2025 Cyber Espionage / Malware
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. "In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well as the U.S.-China Business Council, to target a range of individuals and organizations predominantly focused on U.S.-China relations, trade, and economic policy," Proofpoint said in an analysis. The enterprise security company said the activity, observed throughout July and August 2025, is likely an effort on part of Chinese state-sponsored threat actors to facilitate intelligence gathering amid ongoing U.S.-China trade talks, adding the hacking group shares overlaps with a threat cluster tracked broadly under the names APT41 and Brass Typhoon (formerly Barium). The findings come days...
Toptal GitHub Breach Exposes 73 Repositories and Injects Malware into 10 npm Packages

Toptal GitHub Breach Exposes 73 Repositories and Injects Malware into 10 npm Packages

Jul 28, 2025 Malware / Developer Tools
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In addition, 73 repositories associated with the organization were made public. The list of affected packages is below - @toptal/picasso-tailwind @toptal/picasso-charts @toptal/picasso-shared @toptal/picasso-provider @toptal/picasso-select @toptal/picasso-quote @toptal/picasso-forms @xene/core @toptal/picasso-utils @toptal/picasso-typograph All the Node.js libraries were embedded with identical payloads in their package.json files, attracting a total of about 5,000 downloads before they were removed from the repository. The nefarious code has been found to specifically target the preinstall and p...
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

Jul 01, 2025 Developer Security / Software Development
A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, ultimately enabling attackers to execute malicious code on developer machines. "We discovered that flawed verification checks in Visual Studio Code allow publishers to add functionality to extensions while maintaining the verified icon," OX Security researchers Nir Zadok and Moshe Siman Tov Bustan said in a report shared with The Hacker News. "This results in the potential for malicious extensions to appear verified and approved, creating a false sense of trust." Specifically, the analysis found that Visual Studio Code sends an HTTP POST request to the domain "marketplace.visualstudio[.]com" to determine if an extension is verified or otherwise. The exploitation method essentially involves creating a malicious extension with the same verifia...
cyber security

Executive's Guide to Incident Response Readiness

websiteSygniaIncident Response / Cyber Resilience
Practical steps for executives to strengthen defenses and lead effective cyber response. Get the Guide.
cyber security

Weaponized GenAI + Extortion-First Strategies Fueling a New Age of Ransomware

websiteZscalerRansomware / Endpoint Security
Trends and insights based on expert analysis of public leak sites, ransomware samples and attack data.
Expert Insights Articles Videos
Cybersecurity Resources