Hacking news

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

on November 3, 2025

The Hacker News

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to

More From Author

Hacking news

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

April 3, 2026

The Hacker News

Hacking news

Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture

April 3, 2026

The Hacker News

Hacking news

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

April 3, 2026

The Hacker News

Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive

More From Author

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

XWiki SolrSearch Exploit Attempts (CVE-2025-24893) with link to Chicago Gangs/Rappers, (Mon, Nov 3rd)

Defeating KASLR by Doing Nothing at All

Leave a Reply Cancel reply