
VSCode IDE Forks Expose Users To 'Recommended Extension' Attacks (bleepingcomputer.com)

An anonymous reader shares a report: Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions.

These AI-assisted IDEs are forked from Microsoft VSCode, but cannot use the extensions in the official store due to licensing restrictions. Instead, they are supported by OpenVSX, an open-source marketplace alternative for VSCode-compatible extensions. As a result of forking, the IDEs inherit the list of officially recommended extensions, hardcoded in the configuration files, which point to Microsoft's Visual Studio Marketplace.

  • This shows the danger of forgetting ideology and politics* in your software development and more importantly purchasing. In order to safely use an open core product like VScode or RedHat using a fork is absolutely crucial but it's not enough. You need a project like Rocky Linux or VSCodium and that project needs to be seriously supported to rip out all trace of the upstream vendor. The other forks then need to fork from that fork not the original. Someone needs to care about getting full control of the soft

    • What the hell are you ranting about? The exploit is because the forks overloaded .vscode/extensions.json to work on both OpenVSX and MS repos. The forks just need a different filename like .vscode/openvsk.json. It's not ideology and politics, it's "oops, didn't think of that".

    • by gweihir (88907)

      Indeed. You need to look at who does things, who they are and what mind-set they have and where they are located. And you may need to do additional risk-management in addition, depending on what you find out.

      This already means that "drag in 1000 libraries from the Internet" cannot be done securely. Plug-ins (whether recommended by an "artificial idiot" or not) come with similar requirements. This is not even surprising: If you trust everyone, without any verification, you will get robbed and scammed. That h

  • "These recommendations come in two forms: one file-based, triggered when opening a file such as azure-pipelines.yaml, and recommends the Azure Pipelines extension; the other is software-based, occurring when detecting that PostgreSQL is installed on the developer’s system and suggesting a PostgreSQL extension. However, not all of the recommended extensions exist on OpenVSX, so the corresponding publisher namespaces are unclaimed."

    This seems like a problem that should be easily fixable in the LLM syste
