VS Code 市集上的惡意 AI 擴充功能竊取開發者資料

Fortinet confirms critical FortiCloud auth bypass not fully patched

Okta SSO accounts targeted in vishing-based data theft attacks

Hackers exploit critical telnetd auth bypass flaw to get root

Hackers get $1,047,000 for 76 zero-days at Pwn2Own Automotive 2026

ShinyHunters claim to be behind SSO-account data theft attacks

Malicious AI extensions on VSCode Marketplace steal developer data

CISA confirms active exploitation of four enterprise software bugs

US to deport Venezuelans who emptied bank ATMs using malware

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

eLearning

IT Certification Courses

Gear + Gadgets

Security

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers.

Both extensions are advertised as AI-based coding assistants that provide the promised functionality. However, they do not disclose the upload activity or ask users for consent to deliver data to a remote server.

The VS Code Marketplace is the official store for add-ons for Microsoft’s popular code editor. VS Code extensions are installable plugins from the marketplace that add features or integrate tools into the editor. One of the most popular add-on categories right now is AI-powered coding assistants.

Researchers at endpoint and supply-chain security company Koi say that the two malicious extensions are part of a campaign they dubbed 'MaliciousCorgi' and share the same code for stealing developer data.

Additionally, both of them use the same spyware infrastructure and communicate with the same backend servers. At publishing time, both are present on the marketplace:

The extensions use three distinct data-collection mechanisms. The first involves real-time monitoring of files opened in the VS Code client. When a file is accessed, its entire contents are encoded in Base64 and transmitted to the attackers’ servers.

Any changes to the opened file are also captured and exfiltrated.

"The moment you open any file – not interact with it, just open it – the extension reads its entire contents, encodes it as Base64, and sends it to a webview containing a hidden tracking iframe. Not 20 lines. The entire file,"  Koi researchers say.

The second mechanism involves a server-controlled file-harvesting command that stealthily transmits up to 50 files from the victim’s workspace each time.

The third mechanism uses a zero-pixel iframe in the extension’s webview to load four commercial analytics SDKs: Zhuge.io, GrowingIO, TalkingData, and Baidu Analytics.

These SDKs are used to track user behavior, build identity profiles, fingerprint devices, and monitor activity inside the editor. So, while the first two collect developer work files, the third focuses on user profiling.

Koi Security highlights the risks posed by undocumented functionality in these extensions, including the exposure of private source code, configuration files, cloud service credentials, and .env files containing API keys and credentials.

BleepingComputer has contacted Microsoft about the presence of the two extensions on the VSCode market, but we are still waiting for a reply. We were unable to establish a communication channel with the publisher of the extensions.

Secrets Security Cheat Sheet: From Sprawl to Control

Whether you're cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start.

Get the cheat sheet and take the guesswork out of secrets management.

Related Articles:

Microsoft Copilot Studio extension for VS Code now publicly available

VSCode IDE forks expose users to "recommended extension" attacks

Microsoft updates Notepad and Paint with more AI features

Microsoft Copilot is rolling out GPT 5.2 as "Smart Plus" mode

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

Not a member yet? Register Now

You may also like:

Fortinet admins report patched FortiGate firewalls getting hacked

Hackers breach Fortinet FortiGate devices, steal firewall configs

Zendesk ticket systems hijacked in massive global spam wave

Identity Governance & Threat Detection in one: Get a guided tour of our platform

Overdue a password health-check? Audit your Active Directory for free

Exposure Management Index: Insights From 3,000+ Teams. Get The Report.

Discover how phishing kits are sold and deployed. Download the full research report.

Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure

Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved

Not a member yet? Register Now

Read our posting guidelinese to learn what content is prohibited.