Dangerous and invisible worm found in Visual Studio Code extensions

A malware that steals credentials and cryptocurrencies uses Unicode for invisible code and installs a remote access trojan.
Techzine Europe

Invisible malware spreads via VS Code extensions

A new cyber threat is affecting developers worldwide who work with Visual Studio Code. Researchers at Koi Security have ...
CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.