AI-powered coding tools like Cursor and Trae are vulnerable to supply chain attacks because they recommend extensions that do not exist on the Open VSX registry. This allows malicious actors to claim these empty namespaces and trick developers into installing harmful software that can steal source code or credentials.
Several popular forks of Microsoft Visual Studio Code have been found to suggest extensions that are missing from the alternative Open VSX registry. Because these IDEs inherit recommendation lists from the official Microsoft marketplace, they often point toward namespaces that remain unclaimed in the open-source ecosystem. Security researchers discovered that anyone could register these specific names and upload malicious packages, which the IDE would then trustingly present to the user as a verified suggestion.
When a developer opens a specific file type or has certain software installed, these IDEs trigger notifications suggesting a helpful extension. If an attacker has published a rogue package under the expected name, a developer might install it with a single click, assuming it is an official tool. Research showed that a single placeholder extension attracted hundreds of installs, proving that developers frequently follow these automated prompts without verifying the publisher's identity.
Once a malicious extension is installed, it can gain deep access to the developer's environment, potentially leading to the theft of sensitive data, proprietary source code, and login secrets. While some companies like Google and Cursor have issued fixes, the risk highlights a broader issue in how extension marketplaces are managed. The Eclipse Foundation has since taken steps to remove unofficial contributors from certain namespaces and enforce stricter registry-level safeguards to prevent future impersonation.
The threat landscape for developers is further complicated by the activity of initial access brokers who exploit stolen credentials to breach corporate cloud platforms. Cybersecurity reports indicate that attackers are actively searching for valid usernames and passwords in infostealer logs to access file-sharing services that lack multi-factor authentication. These breaches often target high-value sectors, including defense, aviation, and government, where exposed documents can pose significant national security and privacy risks.
To mitigate these risks, developers must exercise high levels of caution by manually verifying the publisher of any extension before approving an installation. Organizations are also encouraged to enforce multi-factor authentication and regular credential rotation to protect against brokers selling access to corporate environments. As threat actors increasingly target the tools and repositories that developers rely on, maintaining a skeptical approach to automated recommendations has become a vital security practice.
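The publisher check described above can be run over a whole recommendation list before anyone sees an install prompt. The following Python sketch is an added example, not code from the researchers or from any IDE vendor; the extension IDs, the namespaces and the layout of the registry snapshot are constructed assumptions.

```python
# Added example: audit IDE extension recommendations against a registry snapshot.
# All extension IDs, namespaces and the snapshot layout are constructed.

# Constructed list of recommended IDs in "namespace.extension" form.
RECOMMENDED = ["Acme.Linter", "acme.formatter", "example-corp.db-tools",
               "ghost-tools.helper", "not-an-id"]

# Constructed snapshot of the registry the IDE installs from.
# Assumed layout: namespace -> verified-owner flag and published extension names.
REGISTRY_SNAPSHOT = {
    "acme": {"verified": True, "extensions": {"linter"}},
    "example-corp": {"verified": False, "extensions": {"db-tools"}},
}

# Namespaces the organization has reviewed and approved (constructed).
TRUSTED_NAMESPACES = {"acme"}


def audit(recommended, registry, trusted):
    """Classify each recommended ID by how safe it is to install on prompt."""
    findings = {}
    for ext_id in recommended:
        # IDs are compared case-insensitively here.
        namespace, sep, name = ext_id.lower().partition(".")
        if not (sep and namespace and name):
            findings[ext_id] = "malformed-id"
            continue
        entry = registry.get(namespace)
        if entry is None:
            # Nobody owns the namespace: whoever registers it controls
            # what the recommendation installs.
            findings[ext_id] = "namespace-unclaimed"
        elif name not in entry["extensions"]:
            findings[ext_id] = "extension-missing"
        elif not entry["verified"] or namespace not in trusted:
            # Published, but the publisher has not been vetted.
            findings[ext_id] = "publisher-unverified"
        else:
            findings[ext_id] = "ok"
    return findings


def needs_review(findings):
    """Return the IDs that should be blocked until checked by hand."""
    return sorted(i for i, status in findings.items() if status != "ok")


if __name__ == "__main__":
    for ext_id, status in audit(RECOMMENDED, REGISTRY_SNAPSHOT, TRUSTED_NAMESPACES).items():
        print(f"{status:22} {ext_id}")
```

Anything reported as namespace-unclaimed is the case the researchers describe: the recommendation points at a name that the first registrant will control.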
Source: Cloud File Sharing Sites Targeted In Corporate Data Theft Attacks




The Open VSX namespace squatting attack vector is clever because it exploits trust in IDE recommendations. What's scary is how this combines with infostealer logs to create a complete supply chain breach. The fact that a placeholder extension got hundreds of installs shows developers treat IDE suggestions as curated when they're really just inherited recommendation lists. MFA should be table stakes but the namespace verification gap is the real problem here.