Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
Summary
Researchers have identified a compromised version of the Nx Console VS Code extension (rwl.angular-console version 18.95.0) that was distributed through the official VS Code Marketplace. This malicious extension targets developers by stealing their credentials.
IFF Assessment
FOE
This compromise allows attackers to steal developer credentials, which can lead to further system compromises and data breaches.
Defender Context
Developers using the Nx Console extension should immediately uninstall version 18.95.0 and revert to a known safe version or scan their systems for any signs of compromise. This incident highlights the ongoing risk of supply chain attacks targeting popular developer tools.