
Open VSX Registry adds pre-publish security checks for VS Code extensions

Security Tool/Service
Happening score: 10
1 unique source, 2 articles

Summary


Open VSX Registry will add pre-publish security checks for VS Code extensions, reducing the chance that malicious packages reach the ecosystem. During the staged rollout, new uploads are monitored throughout February 2026 without being blocked, with enforcement starting next month. The checks are meant to catch namespace impersonation, published secrets, and known malicious patterns before publication and so limit exposure.

Related Happenings

Mini Shai-Hulud npm supply-chain malware wave

Malware Activity
First: 12.05.2026 14:07 Last: 12.05.2026 14:07 Sources 1

About this happening: The **Sha1-Hulud** npm supply-chain campaign is a fresh **second wave** of **Shai-Hulud**-style activity that has compromised **hundreds of npm packages**. The malware runs during...

Rogue Checkmarx Jenkins AST plugin release on Jenkins Marketplace

Security Tool/Service
First: 12.05.2026 01:03 Last: 12.05.2026 01:03 Sources 1

About this happening: A **rogue 2026.5.09 release** of the **Checkmarx Jenkins AST plugin** was uploaded to **repo.jenkins-ci.org**, undermining trust in a security-scanning component used in **Jenkins...

Windows Shell spoofing flaw actively exploited (CVE-2026-32202)

Vulnerability
First: 28.04.2026 08:50 Last: 28.04.2026 08:50 Sources 1

About this happening: **Microsoft** updated **Windows Shell** advisory guidance to confirm **CVE-2026-32202** was **actively exploited in the wild**, raising the risk of sensitive-information disclosur...

GlassWorm OpenVSX sleeper extension campaign

Campaign
First: 28.04.2026 00:41 Last: 28.04.2026 00:41 Sources 1

About this happening: The **GlassWorm** operation has launched a **new wave** against **OpenVSX**, seeding **73 sleeper extensions** that become malicious after an **update** and can deliver malware to...

GlassWorm v2 cloned VS Code extension loaders

Malware Activity
First: 27.04.2026 14:23 Last: 27.04.2026 14:23 Sources 1

About this happening: The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...

Timeline

  1. 27.03.2026 15:57 1 article · 2mo ago

    Open VSX pre-publish scanning bug patched

    Mitigation Patch Update

    Koi Security disclosed a now-patched flaw in Open VSX's pre-publish scanning pipeline: scanner job failures were misread as "no scanners are configured", which could let a malicious Microsoft Visual Studio Code (VS Code) extension pass vetting and go live. Open VSX fixed the issue in version 0.32.0 after responsible disclosure on February 8, 2026.

  2. 04.02.2026 08:26 2 articles · 3mo ago

    Open VSX Registry adds pre-publish security checks

    Initial Disclosure

    The Eclipse Foundation plans to add pre-publish security checks for Microsoft Visual Studio Code (VS Code) extensions in the Open VSX Registry, moving from post-publication investigation to proactive screening so malicious uploads can be quarantined or blocked before publication. The staged rollout will monitor newly published extensions during February 2026 to tune the system, reduce false positives, and prepare enforcement to begin next month.
