OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCode), Visual Studio, IntelliJ IDEA, and Cursor.
These tools, essential to millions of developers worldwide, rely heavily on third-party extensions to enhance functionality.
https://gbhackers.com/ide-extensions-li ... attackers/