New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.
“A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base,” Wiz security researcher Rami McCarthy said in a report shared with The Hacker News. “An attacker who discovered this issue would have been able to directly distribute malware to the cumulative 150,000 install base.”
The cloud security firm noted in many cases publishers failed to account for the fact that VS Code extensions, while distributed as .vsix files, can be unzipped and inspected, exposing hard-coded secrets embedded into them.
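An added illustration of that inspection step (not code from the Wiz report): a Python check that treats a .vsix as the zip archive it is and runs credential-shaped regexes over its text members. The two detector rules and the sample bundle are constructed assumptions, not Wiz's ruleset or a real extension.

```python
import io
import re
import zipfile

# Illustrative detector rules (assumptions, not Wiz's ruleset): one well-known
# fixed-format ID and one generic "key = value" assignment shape.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_api_key_assignment": re.compile(
        r"""(?i)(?:api[_-]?key|token|secret)["']?\s*[:=]\s*["']([A-Za-z0-9_\-]{20,})["']"""
    ),
}
TEXT_SUFFIXES = (".js", ".ts", ".json", ".md", ".txt", ".env", ".yml", ".yaml")

def scan_vsix(vsix_bytes: bytes) -> list:
    """A .vsix is a zip archive: walk every text-like member and apply the rules."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(vsix_bytes)) as archive:
        for name in archive.namelist():
            if not name.lower().endswith(TEXT_SUFFIXES):  # skip binaries/images
                continue
            text = archive.read(name).decode("utf-8", errors="replace")
            for lineno, line in enumerate(text.splitlines(), start=1):
                for kind, pattern in PATTERNS.items():
                    for match in pattern.finditer(line):
                        # group(1) holds the value for the assignment rule, else group(0)
                        secret = match.group(match.lastindex or 0)
                        findings.append({
                            "kind": kind,
                            "file": name,
                            "line": lineno,
                            # Never log the full value; keep only a redacted hint.
                            "redacted": secret[:4] + "..." + secret[-2:],
                        })
    return findings

def build_sample_vsix() -> bytes:
    """Constructed test bundle holding two fake, non-functional credentials."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("extension/package.json", '{"name": "demo-theme"}')
        archive.writestr(
            "extension/dist/extension.js",
            'const AWS_KEY = "AKIAEXAMPLEEXAMPLE12";\n'
            'const client = { apiKey: "sk_example_0123456789abcdefghij" };\n',
        )
    return buf.getvalue()

if __name__ == "__main__":
    print(scan_vsix(build_sample_vsix()))
```

Any hit on a real package should be treated as already compromised: revoke and rotate the credential, then republish, since deleting it from the next .vsix leaves every earlier version still downloadable.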
In all, Wiz said it found over 550 validated secrets, distributed across more than 500 extensions from hundreds of distinct publishers. The 550 secrets have been found to fall under 67 distinct types of secrets, including:
- AI provider secrets, such as those related to OpenAI, Gemini, Anthropic, XAI, DeepSeek, Hugging Face, and Perplexity
- Cloud service provider secrets, such as those related to Amazon Web Services (AWS), Google Cloud, GitHub, Stripe, and Auth0
- Database secrets, such as those related to MongoDB, PostgreSQL, and Supabase
Wiz also noted in its report that more than 100 extensions leaked VS Code Marketplace PATs, which accounted for over 85,000 installs. Another 30 extensions with a cumulative install base of no less than 100,000 have been found to leak Open VSX access tokens. A significant chunk of the flagged extensions are themes.
With Open VSX also integrated into artificial intelligence (AI)-powered VS Code forks like Cursor and Windsurf, extensions that leak access tokens can significantly expand the attack surface.
In one instance, the company said it identified a VS Code Marketplace PAT that could have allowed for pushing targeted malware to the workforce of a $30 billion market cap Chinese mega corporation, indicating that the problem also extends to internal or vendor-specific extensions used by organizations.
Following responsible disclosure to Microsoft in late March and April 2025, the Windows maker has revoked the leaked PATs and announced it’s adding secret scanning capabilities to block extensions with verified secrets and notify developers when secrets are detected.
VS Code users are advised to limit the number of installed extensions, scrutinize extensions prior to downloading them, and weigh the pros and cons of enabling auto-updates. Organizations are recommended to develop an extension inventory to better respond to reports of malicious extensions and consider a centralized allowlist for extensions.
“The issue highlights the continued risks of extensions and plugins, and supply chain security in general,” Wiz said. “It continues to validate the impression that any package repository…