Fake VS Code Extensions Escalate into Credential Theft

Malicious actors are once again exploiting Visual Studio Code’s extension ecosystem, this time through a counterfeit Prettier plugin that evolved into a multi-stage attack—from marketplace install to full remote access and credential exfiltration. The incident spotlights the growing security gap in developer tooling supply chains.
December 08, 2025
8
239
.NET
 Discuss
 Read