Jan 272026 Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to China-based servers.
