Tag
ide-extensions
Safeguard articles tagged "ide-extensions" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Supply Chain Security
IDE extension marketplace trust and verification
Wiz Research found 550+ leaked secrets across 500+ VS Code extensions, including publisher tokens that let attackers push malicious updates to entire install bases.
Jul 10, 20266 min read
Supply Chain Attacks
The Cursor IDE extension that stole $500K: a supply chain post-mortem
A fake 'Solidity Language' extension hit 50,000+ downloads on Open VSX before stealing $500K in crypto. Here's how IDE marketplaces became a trust gap.
Jul 9, 20265 min read