Close Menu
  • Latest News
    • Bitcoin
    • Ethereum
    • Altcoins
    • Meme Coins
  • DeFi
  • Tech
    • Blockchain
    • Security and Privacy
  • Web 3
    • Web3 News
    • Gaming
  • Legal
    • Taxes & Regulation
    • Adoption
  • Analysis
  • Learn
    • Education
    • Wallets and Exchanges
  • Tools
    • Market Overview
    • Converter
What's Hot

Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

July 23, 2025

Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

July 23, 2025

Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

July 23, 2025
Facebook X (Twitter) Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Disclosure
Facebook X (Twitter) Instagram
Buy Crypto NewsBuy Crypto News
  • Latest News
    1. Bitcoin
    2. Ethereum
    3. Altcoins
    4. Meme Coins
    5. View All

    Asia Morning Briefing: The First AI vs BTC Environmental Impact Numbers are Here. And it Might Start a New Debate

    July 23, 2025

    Are Bitcoin Whales Dumping Their BTC?

    July 23, 2025

    Bitcoin Price Today Tests $116K Support – Is the Rally Still Alive?

    July 22, 2025

    Dream Of Banking The Unbanked Still Alive With Azteco

    July 22, 2025

    Inside why a $6 billion NFT market cap surge is fueling Ethereum’s Q3 bull case!

    July 23, 2025

    Accumulation of Major Bitcoin Investors and Whales Powering BTC Uptrend As Ethereum Witnesses Trend Reversal in Buyer Behavior: Glassnode

    July 23, 2025

    Ethereum and Cardano Price Prediction: Is $5K ETH and $5 ADA on Horizon?

    July 22, 2025

    ‘Sell Ethereum, buy Bitcoin’ – Will Peter Schiff be right this time?

    July 22, 2025

    These Two Bearish Scenarios Put Solana Price At $162 After Fakeout

    July 23, 2025

    Bitcoin faces profit-taking, but 4 reasons why BTC’s rally isn’t over yet!

    July 23, 2025

    Solana’s (SOL) Utility Token Skyrocketed, Here’s Why This New Audited AI Token Could Be Next To Reach The Charts

    July 23, 2025

    Venture Capital Firms Launch $360,000,000 Crypto Treasury Company Focused on Arthur Hayes-Backed Ethena (ENA)

    July 22, 2025

    Pepe, BMT, CAKE: Crypto Activity Heats Up

    March 18, 2025

    SHIB Burns Over Half a Billion Tokens, Price Surges Over 7%

    March 17, 2025

    DOGE Sees Massive User Growth: Active Addresses Up 400%

    March 15, 2025

    Shiba Inu (SHIB) Price Analysis: Bullish Hints, Bearish Trend

    March 15, 2025

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    The Mad Journey from Terra to GENIUS

    July 23, 2025
  • DeFi

    Crypto acts like land, not tech, and that’s why it’s weird

    July 23, 2025

    Will Spark spike to $1?

    July 23, 2025

    Zebec crypto extends rally on Algorand integration into Zebec Cards and payroll ecosystem

    July 22, 2025

    Is Bitcoin at risk of correction as SpaceX wallet moves $152m in BTC after three years?

    July 22, 2025

    Solana’s DeFi TVL hits $10B, highest level in six-month high

    July 22, 2025
  • Tech
    1. Blockchain
    2. Security and Privacy
    3. View All

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Ken Griffin’s Citadel Urges SEC to Treat Tokenized Shares Like Traditional Stocks

    July 23, 2025

    Helios Blockchain Partners ZNS Connect to Launch Web3 Naming on Testnet

    July 23, 2025

    Lawyers For Roman Storm May File For A Mistrial After Key Witness Testimony

    July 23, 2025

    Accounting Firm Targeted by Malware Campaign Using New Crypter

    July 22, 2025

    Grok refuses to pick winner for Crypto Rover competition citing ZachXBT pump and dump evidence

    July 21, 2025

    XRP trading volume soars as new ATH attracts deepfake scam targeting investors

    July 18, 2025

    AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet

    July 18, 2025

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    The Mad Journey from Terra to GENIUS

    July 23, 2025
  • Web 3
    1. Web3 News
    2. Gaming
    3. View All

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Introducing .DSci: A Domain for Decentralized Onchain Science

    July 23, 2025

    Global Security & Vulnerability Management Market to Surge to USD 9.34 Billion by 2034 Amid Escalating Cyber Threats

    July 23, 2025

    What Is an A Record? A Complete Guide to DNS A Records

    July 22, 2025

    Elderglade’s Cross-Chain Gaming Bridge is Live, Going Cross-Game and Cross-Chain with LINEUP Games Partnership

    July 23, 2025

    A $7.8M stealth CryptoPunks acquisition signals renewed whale interest in NFTs amid Ethereum’s rally and a resurgent market.

    July 22, 2025

    GaFin Partners with Play Off The Grid to Deliver Cyberpunk Thrills on Streamify

    July 22, 2025

    Shadow War Joins Nexus Night to Redefine DeFi

    July 19, 2025

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    The Mad Journey from Terra to GENIUS

    July 23, 2025
  • Legal
    1. Taxes & Regulation
    2. Adoption
    3. View All

    The Mad Journey from Terra to GENIUS

    July 23, 2025

    Citadel urges SEC caution on tokenized securities initiative

    July 23, 2025

    Trump to Sign the Historic GENIUS Act Into Law. What Does It Mean for Crypto?

    July 23, 2025

    FBI drops probe into Kraken founder Jesse Powell, returns seized devices

    July 23, 2025

    Public companies now hold $3.2B worth of Ethereum, swelling past 865,000 ETH

    July 23, 2025

    Stablecoins infiltrate deeper into global finance as Western Union enters crypto

    July 22, 2025

    GENIUS Act makes immediate impact as JP Morgan looks to allow crypto as collateral for lending

    July 22, 2025

    Ethena launches StablecoinX as ENA climbs 8% and USDe supply crosses $6B

    July 22, 2025

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    The Mad Journey from Terra to GENIUS

    July 23, 2025
  • Analysis

    Trader Says One Dogecoin Competitor Primed for New Leg Up, Predicts New All-Time Highs for Bitcoin

    July 23, 2025

    Solana staking ETF hits $100 million mark at record pace

    July 22, 2025

    Ali Martinez Predicts $15 Target Ahead

    July 22, 2025

    XRP Price Breakout: Analyst Targets $6 Next

    July 22, 2025

    ETH Price Surges on ETF Inflows, $17K in Sight

    July 21, 2025
  • Learn
    1. Education
    2. Wallets and Exchanges
    3. View All

    What Is Tokenization?

    July 11, 2025

    What Are Internet Capital Markets? Why Companies Are Launching Meme Coins

    June 16, 2025

    What is a Corporate Bitcoin Treasury? The Strategy Behind Companies Holding Crypto

    May 27, 2025

    What Are Tokenized Real-World Assets? Putting Physical Value On-Chain With RWAs

    May 19, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    Telegram’s TON Wallet goes live in US with eye on 87m users

    July 23, 2025

    BitGo joins flurry of crypto firms eyeing IPOs

    July 22, 2025

    Coinbase stock hits all-time high amid legislative triumphs

    July 19, 2025

    Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

    July 23, 2025

    Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

    July 23, 2025

    Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

    July 23, 2025

    The Mad Journey from Terra to GENIUS

    July 23, 2025
  • Tools
    • Market Overview
    • Converter
Buy Crypto NewsBuy Crypto News
Home»Security and Privacy»New Attacks Exploit VSCode Extensions and npm Packages
New Attacks Exploit VSCode Extensions and npm Packages
Security and Privacy

New Attacks Exploit VSCode Extensions and npm Packages

December 19, 2024No Comments2 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

A recent investigation by cybersecurity experts has uncovered a concerning uptick in malicious campaigns targeting popular development tools such as VSCode extensions and npm packages. These campaigns have been found to compromise local development environments and pose significant risks to software supply chains.

The initial detection of these malicious campaigns was made by ReversingLabs in the VSCode Marketplace, with the threat expanding to the npm ecosystem later on. One example of the latest malicious npm packages identified is etherscancontracthandler, which included obfuscated payloads across five different versions. The similarities between these compromised npm packages and VSCode extensions suggest that they may have been created by the same threat actor or group.

While these campaigns initially targeted the cryptocurrency community, they have since evolved to impersonate popular applications like Zoom. Threat actors have gone to great lengths to make these malicious extensions appear legitimate, using tactics such as inflating install counts and fabricating reviews.

The investigation also revealed common endpoints shared by the malicious VSCode extensions and npm packages, with some domains mimicking trusted sources to deceive users. Extensive use of obfuscated JavaScript was employed to evade detection.

In light of these findings, it is crucial for developers to be vigilant when using development tools and third-party libraries. ReversingLabs recommends several best practices to mitigate risks, including regularly auditing plugins and dependencies for vulnerabilities, validating and pre-approving development tools and extensions before use, and conducting frequent security assessments to identify new risks introduced by updates or third-party libraries.

It is essential for developers to remain cautious when utilizing packages from public repositories, as malicious code could potentially be included, leading to a malicious package being introduced as a dependency in a larger project. Development organizations are advised to closely scrutinize the features and behaviors of the open source, third-party, and commercial code they rely on, in order to track dependencies and detect any potential malicious payloads.

See also  Fraudsters Exploit Telegram’s Popularity For Toncoin Scam

By following these best practices and remaining vigilant, developers can help safeguard their development environments and protect software supply chains from malicious attacks.

Attacks exploit Extensions npm Packages VSCode
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Lazarus Group Behind $44M CoinDCX Heist, Experts Find Same Exploit Pattern as WazirX

July 22, 2025

Accounting Firm Targeted by Malware Campaign Using New Crypter

July 22, 2025

Grok refuses to pick winner for Crypto Rover competition citing ZachXBT pump and dump evidence

July 21, 2025

XRP trading volume soars as new ATH attracts deepfake scam targeting investors

July 18, 2025
Add A Comment
Leave A Reply Cancel Reply

Top Posts

Michigan lawmakers introduce new crypto bills covering state investments, mining, and CBDCs

May 26, 2025

ASUS Republic of Gamers Announces the ROG Xbox Ally and ROG Xbox Ally X, Raising the Standard for Gaming Handhelds

June 9, 2025

US to Sell $56m in Seized Crypto-Currency

February 19, 2025
Price Chart


Explore insights on crypto, blockchain, taxes, and security. Stay informed with expert guides, tips, and the latest trends to navigate the digital asset world confidently


We're social. Connect with us:

Facebook X (Twitter) Instagram Pinterest YouTube
Top Insights

Industrial Valves Market Top Companies Study – Emerson, Flowserve Corporation, Sclumberger Limited, Crane Co., Neles.

July 23, 2025

Ethereum Dominates DeFi, Solana, Bitcoin, BSC, Tron, and Others among Top 10 

July 23, 2025

Coinbase starts CFTC-regulated perpetuals for US traders, offering 10x leverage and 0.02% fees

July 23, 2025
Get Informed

Subscribe to Updates

Get the latest creative news From BuyCryptoNews directly in your Inbox!

  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Disclosure
© 2025 BuyCryptoNews - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.