Backdoored Open VSX extension used GitHub-hosted downloader to install RAT and stealer

A compromised Open VSX extension called fast-draft quietly delivered a remote access trojan and an infostealer to developer machines by downloading second-stage payloads from GitHub. Security firm Aikido says several fast-draft releases under the KhangNghiem publisher account contained malicious code, while other nearby versions appeared clean, which points to a likely account or release pipeline […] The post Backdoored Open VSX extension used GitHub-hosted downloader to install RAT and stealer appeared first on VPN Central.