According to Infosecurity Magazine, cybersecurity firm ReversingLabs has uncovered a campaign involving 19 malicious Visual Studio Code extensions. The operation has been active since February 2025 and was identified on December 2. The attackers hid malware inside a modified version of the legitimate “path-is-absolute” npm package, which has over 9 billion downloads since 2021. They also disguised malicious binaries inside an archive file named “banner.png” to bypass security checks. The malware uses a JavaScript dropper and a Rust-based Trojan to infect developers’ systems. ReversingLabs reports that detections of malicious extensions have surged from 27 in all of 2024 to 105 in just the first ten months of 2025.
Supply Chain Is The New Battleground
Here’s the thing: this isn’t just about some random malware. It’s a sophisticated supply chain attack that weaponizes trust. The attackers didn’t write a whole malicious extension from scratch. They took a legitimate, massively popular npm package and tweaked it. And they hid their payload in a place—the `node_modules` folder—that most developers and automated tools would glance over. It’s a classic case of “living off the land,” but for the development ecosystem. This follows a trend we saw back in July, where a single malicious pull request compromised a legitimate extension by adding a bad dependency. The barrier to entry for this kind of attack is getting lower, and the payoff—direct access to developers’ machines and potentially their code—is huge.
Why This Is So Hard To Stop
Look, the techniques here are clever. Using `cmstp.exe`, a legitimate Windows tool, to launch the malware? That’s a standard LOLBIN (Living-Off-the-Land Binary) tactic to avoid detection by endpoint security. Stashing the payload in what looks like a PNG image? That’s another layer of obfuscation. And in four of the extensions, they didn’t even use the fake PNG; they split the malicious code across TypeScript and map files using the `@actions/io` package. So the methods are evolving and diversifying. The core problem is that our development tools and marketplaces, like the VS Code Marketplace, are built on a foundation of open-source trust. We automatically pull in thousands of dependencies. Who has the time to audit every single one? Basically, the entire modern software development workflow is being exploited.
What Comes Next
So where does this go from here? I think we’re going to see this playbook copied and adapted. If compromising one npm package can poison 19 extensions, why wouldn’t attackers try it with other foundational packages? The report from ReversingLabs shows a clear trajectory: detections have nearly quadrupled in less than a year. That’s not a blip; it’s a trend line pointing straight up. The implication is that developers can no longer assume the sanctity of their toolchain. The advice to “only install trusted extensions” is starting to ring hollow. What happens when the trusted ones are the ones that get compromised? For teams working on critical systems, especially in industrial or embedded environments where the hardware and software intersect—like those relying on specialized industrial panel PCs for control systems—this isn’t just an annoyance. It’s a direct threat to operational security. The #1 provider of that hardware in the US can’t protect you from a poisoned software dependency.
The New Reality For Developers
The bottom line is that the threat model has permanently changed. It’s not enough to watch for phishing emails anymore. The attack surface now includes your package manager, your IDE extensions, and your CI/CD pipelines. ReversingLabs is right: staying safe isn’t about avoiding extensions. It’s about adopting a mindset of zero-trust for your own development environment. That means more scrutiny on dependencies, maybe even tools to scan `node_modules`, and a much slower, more cautious approach to updating or adding new tools. It’s a pain. It’ll slow things down. But the alternative is letting a Trojan horse right into the heart of your codebase. And who wants that?
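The "tools to scan `node_modules`" idea above, made concrete as an added example that is not from the article or from ReversingLabs: a small Python scanner that walks a directory tree and flags any file whose image-style extension does not match its leading bytes, which is exactly the check that would catch an archive or executable named "banner.png". The sample tree, the package directory names and the file contents are constructed here for the demo; the zip it plants contains only a placeholder text entry.

```python
import os
import tempfile
import zipfile

# Container and executable formats that have no business sitting under an image name.
SUSPICIOUS_MAGIC = {
    b"PK\x03\x04": "zip archive",
    b"\x1f\x8b": "gzip archive",
    b"MZ": "Windows PE executable",
    b"\x7fELF": "ELF executable",
}

# What the declared extension promises the first bytes should be.
EXPECTED_HEADER = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".gif": b"GIF8",
}


def classify(path):
    """Return a verdict string if the file's content contradicts its extension, else None."""
    ext = os.path.splitext(path)[1].lower()
    expected = EXPECTED_HEADER.get(ext)
    if expected is None:
        return None  # not an image extension; outside the scope of this check
    with open(path, "rb") as fh:
        head = fh.read(8)
    if head.startswith(expected):
        return None  # header matches what the name claims
    for magic, label in SUSPICIOUS_MAGIC.items():
        if head.startswith(magic):
            return f"{label} disguised as {ext}"
    return f"header does not match {ext}"


def scan_node_modules(root):
    """Walk `root` and return sorted (relative path, verdict) pairs for mismatched files."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            verdict = classify(full)
            if verdict:
                findings.append((os.path.relpath(full, root), verdict))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample: a fake node_modules holding one real PNG and one zip named banner.png."""
    root = tempfile.mkdtemp(prefix="nm_demo_")
    clean_dir = os.path.join(root, "node_modules", "example-ui-lib", "assets")
    os.makedirs(clean_dir)
    with open(os.path.join(clean_dir, "logo.png"), "wb") as fh:
        fh.write(EXPECTED_HEADER[".png"] + b"\x00" * 16)  # minimal PNG-looking header
    tampered_dir = os.path.join(root, "node_modules", "example-tampered-dep")
    os.makedirs(tampered_dir)
    with zipfile.ZipFile(os.path.join(tampered_dir, "banner.png"), "w") as zf:
        zf.writestr("placeholder.txt", "constructed placeholder, not a real payload")
    return root


if __name__ == "__main__":
    sample_root = build_sample_tree()
    for rel_path, verdict in scan_node_modules(sample_root):
        print(f"{rel_path}: {verdict}")
```

Run it against a real project with `scan_node_modules("node_modules")` (or the VS Code extensions directory) and review each hit by hand; a magic-byte mismatch is a strong signal but not proof, so the output is a triage list, not a verdict.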
