VS Code extension publishers' secret leak
Data Leak
Summary
A VS Code extension publisher secret leak exposed access tokens and PATs across more than 500 extensions, creating a supply-chain path for malicious updates. The exposure included over 550 validated secrets from hundreds of publishers, with more than 100 Marketplace PATs tied to 85,000 installs and 30 Open VSX tokens tied to at least 100,000 installs. On October 21, the Open VSX registry removed malicious extensions and rotated or revoked associated tokens after leaked credentials were used in the GlassWorm campaign. Open VSX later said the incident was fully contained, while Microsoft said it revoked leaked PATs and planned additional secret-scanning measures.
Related Happenings
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...
GlassWorm OpenVSX sleeper extension campaign
Campaign
First: 28.04.2026 00:41
Last: 28.04.2026 00:41
Sources 1
About this happening:
The **GlassWorm** operation has launched a **new wave** against **OpenVSX**, seeding **73 sleeper extensions** that become malicious after an **update** and can deliver malware to...
GlassWorm v2 cloned VS Code extension loaders
Malware Activity
First: 27.04.2026 14:23
Last: 27.04.2026 14:23
Sources 1
About this happening:
The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...
GlassWorm Zig dropper infecting developer IDEs
Malware Activity
First: 10.04.2026 16:23
Last: 10.04.2026 16:23
Sources 1
About this happening:
The **GlassWorm** malware set now uses a **Zig dropper** that can silently infect **all VS Code-based IDEs** on a developer's machine, widening the reach of the compromise. The pa...
TeamPCP supply-chain credential-exploitation campaign
Campaign
First: 31.03.2026 15:15
Last: 31.03.2026 15:15
Sources 1
About this happening:
The **TeamPCP** campaign now includes a confirmed **GitHub** compromise tied to a poisoned **Nx Console VS Code extension**. GitHub said the breach of its internal repositories ca...
Latest development: 12.05.2026 01:03
TeamPCP compromised the Checkmarx Jenkins AST plugin by publishing a rogue version to repo.jenkins-ci.org on May 9, 2026, outside the official release pipeline. The malicious upload was tied to access to Checkmarx GitHub repositories and was used to deliver credential-stealing malware and malicious code to the affected organization.
Timeline
- 02.11.2025 17:09 · 1 article · 6mo ago
Open VSX removes malicious extensions and rotates leaked tokens
Mitigation Patch Update
On October 21, the Open VSX registry removed all malicious extensions and rotated or revoked associated access tokens after leaked developer credentials were used to publish malicious extensions in a supply-chain attack. Open VSX later confirmed the incident was fully contained with no ongoing impact.
Sources:
- Open VSX rotates access tokens used in supply-chain malware attack — www.bleepingcomputer.com — 02.11.2025 17:09
- 15.10.2025 17:16 · 2 articles · 7mo ago
VS Code extension publishers exposed access tokens and PATs
Initial Disclosure
Wiz disclosed that publishers of more than 500 Visual Studio Code extensions exposed over 550 validated secrets across hundreds of distinct publishers, including more than 100 VS Code Marketplace PATs tied to over 85,000 installs and 30 Open VSX access tokens tied to at least 100,000 installs, creating a path for malicious extension updates at scale. The disclosure also noted that leaked Marketplace or Open VSX tokens could let an attacker distribute malware through trusted extension update channels, and Microsoft said it revoked leaked PATs and would add secret scanning capabilities for verified secrets.
Sources:
- Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16