Skip to content

Let's Data ScienceLEARN • BUILD • STAY AHEAD

News
Blog
Code Problems
Pricing
Contact

© 2026 Let's Data Science

Advertise|Terms|Privacy||Image Rights

NewsVS Code Extensions Exfiltrate Developer Data

Industry Newsvisual studio codesoftware supply chainmalicious extensions

VS Code Extensions Exfiltrate Developer Data

|January 26, 2026

8.1

Relevance Score

VS Code Extensions Exfiltrate Developer Data

Cybersecurity researchers on Jan 26, 2026 discovered two malicious Microsoft Visual Studio Code extensions advertised as AI-powered coding assistants that covertly siphon developer data to China-based servers. The extensions have about 1.5 million combined installs and remained available from the official Visual Studio Marketplace at discovery, raising supply-chain and credential-exposure concerns. Organizations should audit installed extensions, rotate exposed secrets, and block the flagged packages.

Scoring Rationale

High practical impact and broad exposure, but limited independent verification and partial reporting reduce confidence.

Newsletter·Weekly · Free

Weekly AI News

A 5-minute Monday brief on AI & data science. Curated, no fluff.

Email address

No spam. Privacy.

Practice interview problems based on real data

1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems

More AI & Data Science News

Gemini App Debuts Redesigned Android User Interface

Gemini App Debuts Redesigned Android User Interface

Microsoft lets Office users remove Copilot button

Microsoft lets Office users remove Copilot button

Microsoft Reshapes Leadership for AI Era

Microsoft Reshapes Leadership for AI Era

Lumentum Compares Favorably to Coherent in AI Infrastructure

Lumentum Compares Favorably to Coherent in AI Infrastructure

Back to News Feed

News on Let's Data Science is compiled from multiple public sources with editorial oversight. See our Editorial Standards and Corrections Policy.