Threat Actors Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Local Coding Tools
03/03/2026-09:20 03/03/2026-09:25 מחשבים וטכנולוגיה Cyber Security News דיווח
.webp)
A supply chain attack targeting developers surfaced on March 2, 2026, when unauthorized code was found inside two versions of the Aqua Trivy VS Code extension on the OpenVSX registry. The compromised versions — 1.8.12 and 1.8.13 — were uploaded on Fe
.webp){kind=icon}
.webp){kind=icon}
.webp){kind=icon}
.webp){kind=icon}
.webp){kind=icon}