
VSCode IDE forks expose users to "recommended extension" attacks
Key Points:
- Popular AI-powered IDEs forked from Microsoft VSCode, including Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions not found in the OpenVSX registry, creating unclaimed namespaces vulnerable to malicious takeover.
- These IDEs cannot use Microsoft's official extension store due to licensing, relying instead on OpenVSX, but hardcoded recommendations still point to Microsoft’s marketplace, causing some recommended extensions to be unavailable on OpenVSX.
- Supply-chain security researchers at Koi warned that threat actors could register these unclaimed namespaces to distribute malware, prompting coordinated fixes: Cursor patched the issue by December 1, Google removed problematic recommendations by late December, while Windsurf has not yet responded.
- Koi researchers
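One defensive check that follows from the report, added here as an example (not code from Koi or from any of the IDE vendors named): parse a recommendation list in VS Code's extensions.json format, then classify each "publisher.name" ID against a registry so that an extension that merely isn't published is told apart from a publisher namespace nobody has claimed, which is the takeover case. The sample extensions.json and registry contents are constructed placeholders, and the OpenVSX REST endpoints used by the live variant are an assumption.

```python
import json
import re
from urllib.error import HTTPError
from urllib.request import urlopen

OPENVSX_API = "https://open-vsx.org/api"  # assumed public REST base URL

# Constructed .vscode/extensions.json (JSONC); placeholder IDs, not those in the report.
SAMPLE_EXTENSIONS_JSON = """{
  // recommendations the IDE offers to install when the workspace is opened
  "recommendations": ["claimed-pub.present-ext", "claimed-pub.absent-ext", "nobody.absent-ext"]
}"""
# Constructed registry view: namespace -> names of extensions published under it.
SAMPLE_REGISTRY = {"claimed-pub": {"present-ext"}}

def parse_recommendations(jsonc_text):
    # extensions.json allows // comments, so strip whole-line comments before parsing
    stripped = re.sub(r"^\s*//.*$", "", jsonc_text, flags=re.MULTILINE)
    return json.loads(stripped).get("recommendations", [])

def offline_lookup(registry):
    # Returns lookup(namespace, name) -> "ok" | "missing" | "unclaimed" over a dict
    def lookup(namespace, name):
        if namespace not in registry:
            return "unclaimed"  # no one owns the publisher name on this registry
        return "ok" if name in registry[namespace] else "missing"
    return lookup

def openvsx_lookup(namespace, name):
    # Live variant (assumed endpoints): /api/{ns}/{ext} for the extension, /api/{ns} for the namespace
    for url, status in ((f"{OPENVSX_API}/{namespace}/{name}", "ok"),
                        (f"{OPENVSX_API}/{namespace}", "missing")):
        try:
            urlopen(url, timeout=10).close()
            return status
        except HTTPError as err:
            if err.code != 404:
                raise
    return "unclaimed"

def audit(recommendations, lookup):
    # Map each "publisher.name" ID to its status; "unclaimed" is the takeover risk
    report = {}
    for ext_id in recommendations:
        namespace, _, name = ext_id.partition(".")
        report[ext_id] = lookup(namespace, name)
    return report

if __name__ == "__main__":
    print(audit(parse_recommendations(SAMPLE_EXTENSIONS_JSON), offline_lookup(SAMPLE_REGISTRY)))
```

Pass `openvsx_lookup` instead of `offline_lookup(...)` to run the same audit against the real registry; an IDE fork's hardcoded recommendation list can be fed to `audit` as a plain list of IDs.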