home.social
Sign in Create account

#openvsx — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #openvsx, aggregated by home.social.

  1. Alvin Ashcraft 🐿️ @[email protected] ·

    WinDev Helper VS Code extension v3.0.0 (more enhancements for the official WinUI dotnet new templates)

    marketplace.visualstudio.com/i

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet #csharp #xaml

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet
  2. Alvin Ashcraft 🐿️ @[email protected] ·

    WinDev Helper VS Code extension v3.0.0 (more enhancements for the official WinUI dotnet new templates)

    marketplace.visualstudio.com/i

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet #csharp #xaml

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet
  3. Alvin Ashcraft 🐿️ @alvinashcraft ·

    WinDev Helper VS Code extension v3.0.0 (more enhancements for the official WinUI dotnet new templates)

    marketplace.visualstudio.com/i

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet
  4. Alvin Ashcraft 🐿️ @[email protected] ·

    WinDev Helper VS Code extension v3.0.0 (more enhancements for the official WinUI dotnet new templates)

    marketplace.visualstudio.com/i

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet #csharp #xaml

    #xaml #csharp #dotnet #windowsappsdk #openvsx #vscode
  5. Alvin Ashcraft 🐿️ @[email protected] ·

    WinDev Helper VS Code extension v3.0.0 (more enhancements for the official WinUI dotnet new templates)

    marketplace.visualstudio.com/i

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet #csharp #xaml

    #windowsdev #winui #vscode #openvsx #windowsappsdk #dotnet
  6. Xavier «X» Santolaria :verified_paw: :donor: @[email protected] ·

    🕵🏻‍♂️ [InfoSec MASHUP] - This week's news cycle handed us the usual parade of breaches, arrests, and patch-your-stuff urgency — but if you squint at the #Malware section long enough, a more uncomfortable story emerges. #SAP-related npm packages backdoored with a credential stealer. A popular #PyPI package hijacked via a forged signed release pushed through a compromised GitHub Actions workflow. Seventy-three "sleeper" extensions quietly sitting in #OpenVSX, waiting. The common thread: attackers aren't breaking down the front door anymore. They're walking in through the tools developers use every day, often with a valid signature and a clean commit history.

    What makes this particularly fun — in the way a slow-motion disaster is fun — is that the blast radius isn't just the developer who ran pip install. It's every downstream user, every CI/CD pipeline, every AI coding agent that helpfully executed the preinstall hook without asking questions. The supply chain isn't a niche threat vector reserved for nation-state ops anymore. It's where commodity attackers are increasingly playing, because it scales beautifully and the detection gap remains embarrassingly wide.

    → Week #18/2026 also covers: Supply chain attackers found the path of least resistance, #OpenSSH patched a bug older than most junior devs, and #Europe is done pretending U.S. #cloud is a neutral choice.

    Full issue 👉 infosec-mashup.santolaria.net/

    If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

    #malware #sap #pypi #openvsx #openssh #europe
  7. Analyst207 @[email protected] ·

    Researchers Expose 73 Fake VS Code Extensions Spreading GlassWorm v2 Malware

    Malicious VS Code extensions are putting developers at risk, with 73 fake extensions discovered spreading GlassWorm v2 malware, allowing attackers to stealthily retrieve and execute payloads after activation. These extensions act as loaders, using obfuscated JavaScript to achieve the same malicious…

    osintsights.com/researchers-ex

    #MalwareOperations #GlasswormV2 #VsCodeExtensions #OpenVsx #InformationstealingCampaign

    #malwareoperations #glasswormv2 #vscodeextensions #openvsx #informationstealingcampaign
  8. (in)sicurezza digitale @[email protected] ·

    GlassWorm muta ancora: 73 estensioni “sleeper” su Open VSX pronte a svegliarsi come malware

    La campagna GlassWorm torna con 73 nuove estensioni dormanti sul marketplace Open VSX. Socket ha rilevato nuove attivazioni malware da estensioni che erano parse innocue per settimane: un escalation preoccupante per l'intera pipeline di sviluppo software.

    insicurezzadigitale.com/glassw

    #glassworm #infosec #malware #openvsx #supplychain #supplychainattack
  9. The DefendOps Diaries @[email protected] ·

    A trusted Solidity extension turned traitor – the SleepyDuck Trojan used blockchain to stealthily control developers’ tools. Could your favorite extension be hiding a dark secret?

    thedefendopsdiaries.com/the-sl

    #sleepyduck
    #soliditysecurity
    #openvsx
    #blockchainmalware
    #vscodeextension
    #cyberthreats
    #malwareanalysis
    #developersecurity
    #infosec

    #sleepyduck #soliditysecurity #openvsx #blockchainmalware #vscodeextension #cyberthreats
  10. Eckes :mastodon: @[email protected] ·

    Come on #OpenVSX and #ESF, get your Acts together. We need more pròactive content review. One of the largest Developer ecosystems can’t operate in wild Western Style anymore. github.com/eclipse/openvsx/iss

    #openvsx #esf