{“lastseen”:”2026-01-06T12:04:31″,”description”:”\\n\\nPopular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names.\\n\\nThe problem, according to Koi, is that these integrated development environments (IDEs) inherit the list of officially recommended extensions from Microsoft’s extensions marketplace. These extensions don’t exist in Open VSX.\\n\\nThe VS Code extension recommendations can take two different forms: file-based, which are displayed as toast notifications when users open a file in specific formats, or software-based, which are suggested when certain programs are already installed on the host.\\n\\n\\”The problem: these recommended extensions didn’t exist on Open VSX,\\” Koi security researcher Oren Yomtov said. \\”The namespaces were unclaimed. Anyone could register them and upload whatever they wanted.\\”\\n\\n\\n\\nIn other words, an attacker could weaponize the absence of these VS Code extensions and the fact that the AI-powered IDEs are VS Code forks to upload a malicious extension to the Open VSX registry, such as ms-ossdata.vscode-postgresql.\\n\\nAs a result, any time a developer with PostgreSQL installed opens one of the aforementioned IDEs and sees the message \\”Recommended: PostgreSQL extension,\\” a trivial install action is enough to result in the deployment of the rogue extension on their system instead.\\n\\nThis simple act of trust can have severe consequences, potentially leading to the theft of sensitive data, including credentials, secrets, and source code. Koi said its placeholder PostgreSQL extension attracted no less than 500 installs, indicating that developers are downloading it simply because the IDE suggested it as a recommendation.\\n\\nThe names of some of the extensions that have been claimed by Koi with a placeholder are listed below -\\n\\n * ms-ossdata.vscode-postgresql\\n * ms-azure-devops.azure-pipelines\\n * msazurermtools.azurerm-vscode-tools\\n * usqlextpublisher.usql-vscode-ext\\n * cake-build.cake-vscode\\n * pkosta2005.heroku-command\\n\\n\\n\\n\\n\\nIn response to responsible disclosure, Cursor and Google have rolled out fixes to address the issue. The Eclipse Foundation, which oversees Open VSX, has since removed non-official contributors and enforced broader registry-level safeguards.\\n\\nWith threat actors increasingly focusing on exploiting the security gaps in extension marketplaces and open-source repositories, it’s essential that developers exercise caution prior to downloading any packages or approving installs by verifying they come from a trusted publisher.\\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2026-01-06T11:25:00″,”modified”:”2026-01-06T11:55:43″,”type”:”thn”,”title”:”VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX”,”source”:””,”references”:””,”id”:”THN:34F1A797DFA50B722213753791898693″,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2026\/01\/vs-code-forks-recommend-missing.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-06T12:04:31″,”description”:”\\n\\nPopular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,43,5],"class_list":["post-34342","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n