Cybersecurity researchers have recently uncovered a significant threat involving 73 malicious extensions on the Open VSX repository for Microsoft Visual Studio Code (VS Code). These extensions are clones of legitimate ones, with six confirmed to be actively delivering GlassWorm v2 malware, an information-stealing variant. This discovery highlights the ongoing challenges in maintaining software integrity and the need for vigilant monitoring of third-party extensions, especially in widely-used development environments like VS Code.
For businesses, this incident serves as a critical reminder of the risks associated with using third-party software and extensions. Organizations should implement strict security protocols, including regular audits of software components and employee training on identifying potential threats. Additionally, the use of endpoint protection solutions that can detect and block malicious activities is vital. The persistence of such malware campaigns underscores the importance of robust cybersecurity practices and the need for continuous vigilance in an era where AI and software development tools are increasingly targeted by cybercriminals.
---
*Originally reported by [The Hacker News](https://thehackernews.com/2026/04/researchers-uncover-73-fake-vs-code.html)*