Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive
Cybersecurity researchers have identified a malicious extension named SleepyDuck in the Open VSX registry, which contains a remote access trojan. Initially published as a benign library, the extension was updated shortly after to include malicious capabilities.