Malicious AI Extensions on VSCode Marketplace Steal Developer Data After 1.5 Million Installs

Two malicious extensions on Microsoft's VSCode Marketplace, collectively installed 1.5 million times, were found exfiltrating developers' data to servers based in China. These extensions masqueraded as artificial intelligence tools designed to assist developers but instead stole sensitive information, including authentication tokens, system configurations, and project data. Microsoft has since removed the extensions following their discovery. Affected developers are advised to revoke their tokens and inspect their systems for potential compromises.