{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihsz6zb2edt7jx4l36s22r2rwsr3x3gxgxbyqdqvgy2ypomixkzxa",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mhh6dusosxd2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreid32fjimnwvbli6mrvtbsn23krjy4lff6qcnlkruzlpofls7rmyji"
    },
    "mimeType": "image/jpeg",
    "size": 82947
  },
  "path": "/backdoored-open-vsx-extension-used-github-hosted-downloader-to-install-rat-and-stealer/",
  "publishedAt": "2026-03-19T14:59:33.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Backdoored Open VSX extension used GitHub-hosted downloader to install RAT and stealer",
    "VPN Central"
  ],
  "textContent": "A compromised Open VSX extension called fast-draft quietly delivered a remote access trojan and an infostealer to developer machines by downloading second-stage payloads from GitHub. Security firm Aikido says several fast-draft releases under the KhangNghiem publisher account contained malicious code, while other nearby versions appeared clean, which points to a likely account or release pipeline […]\n\nThe post Backdoored Open VSX extension used GitHub-hosted downloader to install RAT and stealer appeared first on VPN Central.",
  "title": "Backdoored Open VSX extension used GitHub-hosted downloader to install RAT and stealer"
}