Cybersecurity experts have discovered the Evelyn Stealer program, which is being distributed through fake extensions for Visual Studio Code. According to Trend Micro, it silently collects passwords, browser data, and crypto wallets, and infected developers' work computers can be used as an entry point for attacks on companies and their cloud infrastructure.