{"id":216696,"date":"2025-06-27T06:21:12","date_gmt":"2025-06-27T11:21:12","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/06\/critical-open-vsx-registry-flaw-exposes-millions-of-developers-to-supply-chain-attacks"},"modified":"2025-06-27T06:21:12","modified_gmt":"2025-06-27T11:21:12","slug":"critical-open-vsx-registry-flaw-exposes-millions-of-developers-to-supply-chain-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/06\/critical-open-vsx-registry-flaw-exposes-millions-of-developers-to-supply-chain-attacks","title":{"rendered":"Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/critical-open-vsx-registry-flaw-exposes-millions-of-developers-to-supply-chain-attacks.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (\u201copen-vsx[.]org\u201d) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.<\/p>\n<p>\u201cThis vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control over millions of developer machines,\u201d Koi Security researcher Oren Yomtov <a href=\"https:\/\/blog.koi.security\/marketplace-takeover-how-we-couldve-taken-over-every-developer-using-a-vscode-fork-f0f8cf104d44\" rel=\"noopener\" target=\"_blank\">said<\/a>. \u201cBy exploiting a CI issue a malicious actor could publish malicious updates to every extension on Open VSX.\u201d<\/p>\n<p>Following responsible disclosure on May 4, 2025, multiple rounds of fixes were proposed by the maintainers, before a final patch was deployed on June 25.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (\u201copen-vsx[.]org\u201d) that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. \u201cThis vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control over [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-216696","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216696","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=216696"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216696\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=216696"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=216696"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=216696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}