On Demand Webinar

Unmasking a VS Code Supply Chain Attack


Explore one of the most compelling recent software supply chain attacks targeting the popular VS Code platform. This webinar will dissect the compromise of ETHcode, a trusted Visual Studio Code extension for Ethereum smart contract development with nearly 6,000 installs.

Hijacked through a GitHub pull request introducing just two lines of malicious code, ETHcode demonstrates how minimal changes can have devastating impacts.

ReversingLabs experts unpack how automated detection flagged these suspicious changes — missed by human reviewers — and reveal lessons for defending against similar threats.

Learn how modern development workflows, reliant on community-driven extensions and auto-updating ecosystems, are becoming high-value targets—and what proactive strategies can help protect your organization.

Among other things, the webinar will explore:

  • How the attacker used a fake GitHub account to deliver the payload.

  • Why the malicious changes escaped the notice of human code reviewers.

  • What the obfuscated “keythereum-utils” dependency did, and how it nearly went unnoticed.

  • Best practices for detecting and mitigating similar threats in your CI/CD pipeline.

Watch now.


Meet the Speakers

CvA
Karlo Zanki
Petar Kirhmajer