Vscode on HackingPassion.com : root@HackingPassion.com-[~]https://hackingpassion.com/tags/vscode/Recent content in Vscode on HackingPassion.com : root@HackingPassion.com-[~]HugoenSun, 25 Jan 2026 11:40:27 +0100MaliciousCorgi: The VSCode Attack Hiding in Plain Sight - 1.5 Million Installs Affectedhttps://hackingpassion.com/maliciouscorgi-vscode-extensions/Sun, 25 Jan 2026 11:40:27 +0100https://hackingpassion.com/maliciouscorgi-vscode-extensions/<p>Two VSCode extensions with 1.5 million installs are stealing source code right now, not last month. Researchers published their findings on January 22. Three days later, both extensions are still live on Microsoft&rsquo;s official marketplace. Still collecting downloads. Still harvesting files. 🧐</p> <p>The extensions are ChatGPT - δΈ­ζ–‡η‰ˆ with 1.34 million installs and ChatMoss with 150,000 installs. Both marketed as AI coding assistants. Both work as advertised. Both contain identical spyware that sends everything to servers in China. Researchers named the campaign MaliciousCorgi.</p>