A campaign targeting Solidity developers has surfaced, distributing trojanized extensions through Visual Studio Code that exfiltrate sensitive information, including cryptocurrency wallet credentials. Three malicious extensions were detected, downloaded 50 times, and are linked to the threat actor MUT-9332, known for prior cryptominer distribution. These extensions exploit VS Code’s permissions, making them effective tools for credential theft.
Database Leak Reveals 184 Million Infostealer-Harvested Emails and Passwords
Jeremiah Fowler, a cybersecurity researcher, discovered a misconfigured database containing 184 million unique login names and passwords from various online services and platforms, without any
