Malicious pull request infects VS Code extension
ETHcode, a VS Code extension for Ethereum smart contract development, was compromised following a GitHub pull request.
Learn More about Malicious pull request infects VS Code extensionPetar Kirhmajer
Threat Researcher, ReversingLabs.
Recent Posts from Petar Kirhmajer
Malicious pull request infects VS Code extension
Suspicious NuGet package grabs data from industrial systems
Here's what the RL research team knows about the suspicious SqzrFramework480 campaign, which is still available on the NuGet repository.
Learn More about Suspicious NuGet package grabs data from industrial systems
Attackers leverage PyPI to sideload malicious DLLs
RL discovered two malicious packages and a subsequent larger campaign, showing that the approach is an emerging software supply chain attack method.
Learn More about Attackers leverage PyPI to sideload malicious DLLs