A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...
Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...