Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks
Summary
Research by Wiz revealed that publishers of over 100 Visual Studio Code extensions inadvertently leaked personal access tokens (PATs) and other secrets inside .vsix packages. These leaks — 550 validated secrets across more than 500 extensions — included AI-provider keys, cloud and database credentials, and importantly, VS Code Marketplace and Open VSX tokens that could let an attacker push malicious updates to installed users.
The findings show more than 100 extensions leaked VS Code Marketplace PATs (≈85,000 installs) and around 30 leaked Open VSX tokens (≈100,000 installs). The exposed tokens and hard-coded secrets amplify supply chain exposure, especially because a .vsix package is an ordinary zip archive that anyone can unzip and inspect, so a secret shipped inside it is effectively public. Microsoft revoked the leaked Marketplace PATs after responsible disclosure and is adding secret-scanning protections; however, Open VSX and third-party forks remain less protected.
The report also highlights an active threat actor, TigerJack, which published malicious-but-functional extensions that steal source code, mine cryptocurrency and fetch remote payloads periodically — demonstrating how updates or malicious code can silently compromise developer machines and corporate networks.
Key Points
- Wiz discovered 550 validated secrets across 500+ VS Code extensions, covering AI providers, cloud services, and databases.
- Over 100 extensions leaked VS Code Marketplace PATs (≈85,000 installs); ~30 leaked Open VSX tokens (≈100,000 installs).
- Leaked PATs enable attackers to push malicious updates to the entire install base — a direct software supply chain risk.
- Microsoft revoked exposed Marketplace tokens and is adding secret-scanning to block extensions with verified secrets; Open VSX lacks equivalent protections.
- TigerJack (threat actor) used legitimate-looking extensions to steal code, mine crypto and run remote backdoors, showing how malicious updates can evade casual vetting.
- Recommendations: limit installed extensions, vet before installing, consider disabling auto-updates, maintain an extension inventory and a central allowlist for organisations.
Context and relevance
This investigation underscores a growing trend: developer tooling and package ecosystems are attractive supply chain targets. As developers increasingly rely on extensions, leaked secrets inside distributed packages turn everyday developer machines into high-value attack vectors. The problem compounds when marketplaces are fragmented — removals from one registry (Microsoft) don’t prevent reappearance on others (Open VSX) or forks.
For security teams and dev leads, this is a timely reminder to treat extensions like any third-party dependency: include them in asset inventories, scan for secrets, and enforce controlled update policies to reduce mass compromise risk.
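The "unzip and inspect" and "scan for secrets" points above can be turned into a pre-install check. The following is an added example, not code from Wiz or the article: it treats a .vsix as the zip archive it is, walks every text entry, and flags credential-looking content. The regex patterns and the VSCE_PAT sample file are illustrative assumptions for the demo, not the report's detection rules.

```python
import io
import re
import sys
import zipfile

# Illustrative patterns (an assumption of this example, not the report's rules):
# a production scanner would carry vetted, per-provider patterns.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # KEY=value or "token": "value" style assignments with a long opaque value
    "credential_assignment": re.compile(
        r"(?i)(?:api[_-]?key|token|secret|pat|password)\"?\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{32,})"
    ),
}

def scan_vsix(vsix_bytes):
    """A .vsix is a plain zip: walk every text entry and return
    (path, pattern_name, redacted_match) tuples for anything suspicious."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(vsix_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            try:
                text = zf.read(info).decode("utf-8")
            except UnicodeDecodeError:
                continue  # binary payload; out of scope for this text-only scanner
            for name, pattern in SECRET_PATTERNS.items():
                for m in pattern.finditer(text):
                    hit = m.group(1) if m.lastindex else m.group(0)
                    findings.append((info.filename, name, hit[:6] + "..."))  # never log the full secret
    return findings

def build_sample_vsix(leak_secrets=True):
    """Constructed sample package for the demo, not a real extension."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("extension.vsixmanifest", "<PackageManifest/>")
        zf.writestr("extension/package.json", '{"name": "sample", "version": "1.0.0"}')
        zf.writestr("extension/out/extension.js", "exports.activate = function () {};")
        if leak_secrets:
            # a publisher PAT left in a .env file, and a private key in a deploy folder
            zf.writestr("extension/.env", "VSCE_PAT=FAKEtokenFAKEtokenFAKEtokenFAKEtoken1234\n")
            zf.writestr("extension/deploy/key.pem", "-----BEGIN RSA PRIVATE KEY-----\nFAKE\n")
    return buf.getvalue()

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_vsix()
    for path, kind, hit in scan_vsix(data):
        print(f"{path}: {kind} ({hit})")
```

Run it against a downloaded .vsix before adding the extension to an allowlist; any hit is a reason to hold the package and notify the publisher rather than install it.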
Why should I read this?
Because if you or your team use VS Code, this affects you — and it’s annoyingly easy to miss. Extensions that seem harmless can harbour tokens that let attackers ship malware via normal updates. Read this to know what to check, what to revoke, and how to stop an extension from becoming your weakest link.
Source
Source: https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html
