Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk

Summary

Researchers at Wiz found more than 550 validated secrets exposed inside VS Code extension packages across Microsoft’s VS Code Marketplace and the Open VSX Registry. The exposed credentials included high-risk items such as Azure DevOps Personal Access Tokens (PATs), Open VSX tokens, API keys for cloud platforms and databases, and AI-provider configuration secrets.

Microsoft revoked the leaked VS Code Marketplace PATs, scanned existing extensions and introduced publisher scanning tools. Open VSX is making token changes, but it’s unclear whether all exposed tokens there have been revoked.

Key Points

  • Wiz’s research uncovered 550+ unique secrets in .vsix extension packages across VS Code marketplaces.
  • More than 130 tokens capable of updating extensions (e.g., Azure DevOps PATs) were found—these could let attackers push malicious updates and poison the supply chain.
  • Exposed secrets included database credentials (MongoDB, Postgres, Supabase) and platform/API keys for AWS, GitHub, Stripe, Auth0 and GCP.
  • Many leaks stemmed from AI-related configuration files and from organisations publishing internal or vendor-specific extensions publicly for convenience.
  • Microsoft revoked leaked Marketplace PATs, scanned extensions and added pre-publish secret scanning tools; Open VSX is adding token prefixes but revocation status is unclear.
  • Practical mitigations: minimise installed extensions, use allow-lists, maintain an IDE-extension inventory, and scan/sanitise packages before publishing.
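
As an added, defender-side illustration of the last mitigation (scan and sanitise packages before publishing), the following Python script is not from the article, from Wiz or from Microsoft. It treats a .vsix as the ZIP archive it is, scans the text entries for credential-shaped strings, and is exercised against a constructed in-memory sample package with planted, non-functional placeholder values (the AWS key is the documented example key, the MongoDB URI points at an .invalid host). The regular expressions are illustrative approximations of well-known token shapes, not a vetted detection ruleset.

```python
"""Pre-publish secret scan for a .vsix extension package.

Added example, not code from the Dark Reading article or from Wiz.
A .vsix is a ZIP archive; every text-like entry is scanned for
credential-shaped strings before the package is uploaded.
"""
import io
import re
import zipfile

# Illustrative approximations of common token shapes (assumption: not exhaustive).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "stripe_secret_key": re.compile(r"\bsk_(?:live|test)_[A-Za-z0-9]{16,}\b"),
    "mongodb_uri": re.compile(r"mongodb(?:\+srv)?://[^\s'\"]*:[^\s'\"]*@[^\s'\"]+"),
    "postgres_uri": re.compile(r"postgres(?:ql)?://[^\s'\"]*:[^\s'\"]*@[^\s'\"]+"),
    # key/secret/token/password assigned a long quoted literal, e.g. "apiKey": "..."
    "generic_assignment": re.compile(
        r"\b(?:api[_-]?key|secret|token|password)\b['\"]?\s*[:=]\s*['\"]([A-Za-z0-9_\-]{20,})['\"]",
        re.IGNORECASE,
    ),
}

# Entry types inside an extension that commonly carry leaked configuration.
TEXT_SUFFIXES = (".js", ".cjs", ".mjs", ".ts", ".json", ".env", ".md", ".txt", ".yml", ".yaml")


def scan_text_entry(name, data):
    """Return (entry_name, pattern_name, line_no) for every hit in one file."""
    findings = []
    text = data.decode("utf-8", errors="replace")
    for line_no, line in enumerate(text.splitlines(), start=1):
        for pattern_name, regex in SECRET_PATTERNS.items():
            if regex.search(line):
                findings.append((name, pattern_name, line_no))
    return findings


def scan_vsix(vsix_bytes):
    """Scan all text-like entries of a .vsix (ZIP) and return the findings."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(vsix_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith(TEXT_SUFFIXES):
                continue  # binaries such as icons are skipped
            findings.extend(scan_text_entry(info.filename, zf.read(info.filename)))
    return findings


def is_publishable(vsix_bytes):
    """Gate for a release pipeline: publish only when no secret-shaped string is found."""
    return not scan_vsix(vsix_bytes)


def build_sample_vsix(plant_secrets=True):
    """Construct a small in-memory .vsix; values below are fake placeholders."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("extension.vsixmanifest", "<PackageManifest/>")
        zf.writestr("extension/package.json", '{"name": "demo-ext", "publisher": "example"}')
        zf.writestr("extension/README.md", "Demo extension. Do not ship credentials.\n")
        zf.writestr("extension/images/icon.png", b"\x89PNG\r\n\x1a\n")  # binary, skipped
        if plant_secrets:
            # AWS documented example key: syntactically valid, never functional.
            zf.writestr("extension/.env", "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n")
            # Constructed database URI with credentials embedded in shipped code.
            zf.writestr("extension/out/config.js",
                        'const db = "mongodb+srv://demo_user:demo_pass@cluster0.example.invalid/app";\n')
            # Constructed AI-provider style settings file with a placeholder key.
            zf.writestr("extension/settings.json", '{"apiKey": "abcdefghij0123456789abcdefghij"}\n')
    return buf.getvalue()


if __name__ == "__main__":
    package = build_sample_vsix()
    for entry, kind, line_no in scan_vsix(package):
        print(f"{entry}:{line_no}: {kind}")
    print("publishable:", is_publishable(package))
```

In a release pipeline the same `is_publishable` check would run on the real .vsix produced by `vsce package` before any upload, and a hit should block the publish and trigger revocation of the exposed credential rather than a quiet re-pack, since the value has already left the developer's machine.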

Context and Relevance

Developer marketplaces and extension ecosystems are a proven vector for supply chain attacks. Secrets embedded in extension packages give attackers a direct route to compromise many downstream users by updating widely used tooling. This incident highlights how developer convenience (publishing internal tools publicly, hardcoding credentials) can create systemic risk for organisations and the wider software supply chain.

Why should I read this?

Short version: if you or your teams use VS Code extensions, this is worth your five minutes. Hidden credentials in .vsix packages can let attackers push malicious updates to lots of users fast. The article saves you the digging—it tells you what was found, what Microsoft did, and what quick fixes to start with (scan, revoke, allow-list, inventory).

Author’s take (pithy)

Punchy and plain: this is a real supply-chain headache that could have been avoided with basic secret hygiene. Microsoft has acted, but any organisation relying on extensions should treat this as a wake-up call.

Source

Source: https://www.darkreading.com/application-security/leaks-microsoft-vs-code-marketplaces-supply-chain-risks