Subscribe

Malicious code in millions of installs traced to Microsoft Visual Studio

June 10, 2024 A group of Israeli researchers found thousands of potentially harmful extensions on the Visual Studio Code (VSCode) Marketplace, with some having millions of downloads. The researchers created a fake extension mimicking the popular ‘Dracula Official’ theme, dubbed ‘Darcula’, which included risky code to collect system information. This extension was downloaded by multiple high-value targets, including a publicly listed company and major security firms.

Using a custom tool called ‘ExtensionTotal’, the researchers discovered 1,283 extensions with known malicious code, 8,161 communicating with hardcoded IP addresses, and 1,452 running unknown executables. Despite reporting these findings to Microsoft, many of these extensions remained available for download as little as a day ago.

The researchers warn that the lack of stringent security controls on the VSCode Marketplace poses a significant threat to organizations.

 

Top Stories

OpenAI and Anthropic go head-to-head with same-day AI model launches

Wikipedia positions itself as a defence against AI slop

French prosecutors raid X offices as Grok investigation widens

TELUS, L-SPARK partner to give startups access to domestic AI compute   

Software shares drop as AI agents rattle investors

OpenAI looks beyond Nvidia for chip alternatives 

Related Articles

Alphabet boosts capital spending to fuel data centers, AI infrastructure in 2026

February 6, 2026 Alphabet is sharply increasing its bet on generative artificial intelligence, lifting its 2026 capital spending plans to more...

OpenAI and Anthropic go head-to-head with same-day AI model launches

February 6, 2026 The competition between OpenAI and Anthropic intensified this week after both companies unveiled new artificial intelligence models more...

Bank of Canada governor warns AI could be weighing on youth employment 

February 6, 2026 Artificial intelligence may already be cutting into entry-level job opportunities for young people in Canada, Bank of more...

Wikipedia positions itself as a defence against AI slop

February 6, 2026 The Wikimedia Foundation announced in January that it is partnering with major AI companies, including Amazon, Meta, more...

Picture of Jim Love

Jim Love

Jim Love's career in technology spans more that four decades. He's been a CIO and headed a world wide Management Consulting practice. As an entrepreneur he built his own tech business. Today he is a podcast host with the popular tech podcasts Hashtag Trending and Cybersecurity Today with over 14 million downloads. As a novelist, his latest book "Elisa: A Tale of Quantum Kisses" is an Audible best seller. In addition, Jim is a songwriter and recording artist with a Juno nomination and a gold album to his credit. His music can be found at music.jimlove.com
Picture of Jim Love

Jim Love

Jim Love's career in technology spans more that four decades. He's been a CIO and headed a world wide Management Consulting practice. As an entrepreneur he built his own tech business. Today he is a podcast host with the popular tech podcasts Hashtag Trending and Cybersecurity Today with over 14 million downloads. As a novelist, his latest book "Elisa: A Tale of Quantum Kisses" is an Audible best seller. In addition, Jim is a songwriter and recording artist with a Juno nomination and a gold album to his credit. His music can be found at music.jimlove.com

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.