Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
TechRadar

VSCode extensions pulled over security risks, but millions of users have already installed

Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly pulled them and notifies users The developer criticized Microsoft's move, saying they were never consulted ...