A new malicious campaign targeting Visual Studio Code (VS Code) extensions has been uncovered – and it’s one of the most technically deceptive supply-chain attacks this year.
Researchers at ReversingLabs revealed 19 VS Code extensions hiding malware not in their main code, but inside the dependency folders developers typically trust and rarely inspect. The extensions, active since February 2025, carried malicious binaries disguised as harmless image files and pre-packaged npm dependencies.
This wasn’t a simple typo-squatting trick. It was a carefully engineered infiltration of the developer ecosystem, designed to execute malware the moment VS Code opens.
For organizations across the world – especially in fast-growing developer markets like the Middle East and Africa (MEA) – the campaign is a stark reminder that developer tooling itself is now prime territory for threat actors.
How the Attack Worked – A Trojan Inside a Fake PNG
At the center of the campaign was a modified version of a widely-used npm package, path-is-absolute, which has more than 9 billion cumulative downloads since 2021.
Attackers inserted:
- An altered index.js file containing a malicious bootstrap class
- A disguised file named banner.png, which was not an image at all
- Multiple malware binaries hidden inside the fake PNG
- A JavaScript “dropper” embedded in a file named lock
The PNG file – actually a compressed malicious archive – was designed to appear normal. But any attempt to preview it would fail. Instead, its contents were executed by abusing cmstp.exe, a Windows living-off-the-land binary (LOLBIN).
From there:
- One binary executed a script to close cmstp
- The second binary delivered a Rust-based trojan, still under analysis
By masking the binaries inside a file developers would never question, attackers bypassed trust-based assumptions built into extension workflows.
Why Dependency Folders Made This Possible
VS Code extensions are distributed with pre-packaged dependencies, including any node_modules content the publisher includes.
This means attackers – as legitimate extension owners – could:
- Ship modified versions of popular npm dependencies
- Bundle malware as if it were normal runtime code
- Avoid detection from npm or extension reviewers
- Exploit the fact that developers assume dependencies inside extensions are clean
Four of the malicious extensions used another dependency, @actions/io, to deploy the payload instead of path-is-absolute. In those cases, malware binaries were hidden in .ts and .map files.
This is not the first time dependency folders have been abused, but the use of a fake image container and dual payload execution marks a notable escalation.
Growing Trend: VS Code Becoming a Target-Rich Environment
The VS Code Marketplace has become a high-value target in the software supply chain.
ReversingLabs reports:
- 105 malicious extensions detected in the first 10 months of 2025
- Up from 27 in 2024
- A 4× increase in attacks targeting development tools
Some malicious extensions impersonate popular add-ons. Others modify legitimate ones via malicious pull requests, a pattern seen earlier this year in the ETHCode compromise.
With millions of developers worldwide depending on VS Code daily, supply-chain attacks here represent a direct path into corporate source code, CI/CD pipelines, cloud environments, and production systems.
Why This Matters to MEA Organizations
The Middle East and Africa are experiencing rapid growth in:
- DevOps adoption
- Cloud-native development
- Startup ecosystems
- Cross-border digital services
This growth also increases dependency on VS Code across SOC teams, developers, fintechs, and digital government platforms.
A single compromised extension installed on a developer workstation can:
- Exfiltrate API keys
- Steal cloud credentials
- Inject malicious code into repositories
- Compromise CI/CD systems
- Move laterally into internal networks
For organizations managing sensitive infrastructure across the GCC, North Africa or sub-Saharan Africa, this type of supply-chain risk can escalate into full-blown breaches.
10 Best Practices Security Teams Should Implement Now
To minimize exposure, organizations should immediately tighten security around developer tools and supply-chain dependencies.
- Audit all installed VS Code extensions across developer endpoints — especially low-review or newly published extensions.
- Whitelist trusted extensions and block unknown or unverified publishers.
- Perform static analysis on VS Code extension packages (.vsix) before installation.
- Scan the node_modules folder inside each extension for modified files or foreign binaries.
- Use supply-chain security tools such as Spectra Assure or similar solutions from Saintynet Cybersecurity.
- Block risky LOLBINs like cmstp.exe unless required for business processes.
- Use EDR with behavioral detection to inspect suspicious child process creation.
- Educate developers and engineers through awareness training on extension risks and dependency tampering.
- Monitor corporate GitHub/GitLab environments for unexpected actions triggered by compromised extensions.
- Apply zero-trust principles for developer machines, CI/CD, and coding pipelines.
These measures reduce the chance that a compromised extension will silently infiltrate the software supply chain.
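The node_modules scan recommended above can be automated with a simple header check, because the tampering described earlier relies on file names lying about their contents: a .png that is really an archive, or .ts and .map files that carry executable binaries. The script below is an added illustration, not code from ReversingLabs or from the article; it builds a constructed extension tree (synthetic bytes only, with the package and file names borrowed from the write-up) and flags any file whose magic bytes do not match its extension. Point scan_extensions at a real ~/.vscode/extensions directory to run it against installed extensions.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
ZIP_MAGIC = b"PK\x03\x04"
EXEC_MAGICS = (b"MZ", b"\x7fELF")            # Windows PE and Linux ELF headers
TEXT_LIKE = {".js", ".ts", ".map", ".json"}  # must never start with an executable header


def classify(path: Path) -> Optional[str]:
    """Return a reason string when the file header contradicts its extension, else None."""
    with open(path, "rb") as f:
        head = f.read(8)
    ext = path.suffix.lower()
    if ext == ".png" and not head.startswith(PNG_MAGIC):
        return "archive disguised as PNG" if head.startswith(ZIP_MAGIC) else "not a PNG"
    if ext in TEXT_LIKE and head.startswith(EXEC_MAGICS):
        return "executable header in text-like file"
    return None


def scan_extensions(root: Path) -> list:
    """Walk every node_modules folder under root; return sorted (relative path, reason) findings."""
    findings = []
    for dirpath, _, files in os.walk(root):
        if "node_modules" not in Path(dirpath).parts:
            continue
        for name in files:
            p = Path(dirpath) / name
            reason = classify(p)
            if reason:
                findings.append((p.relative_to(root).as_posix(), reason))
    return sorted(findings)


def build_sample(root: Path) -> None:
    """Constructed extension tree mirroring the layout in the article; contents are synthetic."""
    pkg = root / "publisher.ext-1.0.0" / "node_modules" / "path-is-absolute"
    pkg.mkdir(parents=True)
    (pkg / "index.js").write_text("module.exports = p => p.startsWith('/');\n")
    (pkg / "logo.png").write_bytes(PNG_MAGIC + b"\x00" * 16)    # genuine PNG signature
    (pkg / "banner.png").write_bytes(ZIP_MAGIC + b"\x00" * 16)  # archive wearing a .png name
    io_pkg = root / "publisher.ext-1.0.0" / "node_modules" / "@actions" / "io"
    io_pkg.mkdir(parents=True)
    (io_pkg / "io.d.ts").write_bytes(b"MZ" + b"\x90" * 16)      # PE header stored as .ts


def demo() -> list:
    """Build the constructed tree in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample(root)
        return scan_extensions(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```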
Conclusion
This latest VS Code campaign is a sobering reminder: attackers are moving deeper into the developer ecosystem, hiding malware where trust is assumed and controls are weakest.
By altering a widely trusted npm package and embedding malicious binaries inside a fake PNG file, attackers demonstrated the fragility of developer workflows and the ease with which supply-chain components can be turned against their users.
Security teams must accelerate efforts to secure developer environments, not just production systems, because today the next breach may begin with a single VS Code extension.