Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Published: 3 weeks ago (May 19, 2026 at 03:49 AM EDT)

1 min read

Source: The Hacker News

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace.

The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million installations.

Back to Blog

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned...

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from t...

GitHub links repo breach to TanStack npm supply-chain attack

markdown !https://www.bleepstatic.com/content/hl-images/2026/05/21/GitHub_headpic.jpg GitHub says the hackers who breached 3,800 internal repositories gained ac...

GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension

Incident Overview Longtime Slashdot reader Himmy32 reports that GitHub announced on X that its internal repositories were breached through a compromised VS Cod...

Related posts

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

GitHub links repo breach to TanStack npm supply-chain attack

GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension