GRAPHIC APPAREL SHOPMost developers trust their code editor extensions, but recent research reveals a hidden danger. Sensitive secrets embedded in VSCode and Open VSX marketplaces put over 150,000 users at risk. These vulnerabilities allowed attackers the ability to push malicious updates to unsuspecting users, exposing a significant supply chain risk.
Secrets Exposed in Popular Extensions
Wiz Research unearthed more than 550 leaked secrets within hundreds of VSCode extensions. These secrets included:
- AI provider tokens like OpenAI, Gemini, and Anthropic
- Cloud and developer platform keys for AWS, GitHub, Stripe, and GCP
- Database credentials for MongoDB, Postgres, Supabase
- Marketplace publishing tokens such as Azure DevOps PATs and Open VSX tokens
The most alarming discoveries were publishing tokens—over 100 for the VSCode Marketplace and 30+ for Open VSX. This meant tens of thousands faced the threat of forced, malicious extension updates. Even seemingly harmless themes contributed to the risk, challenging the notion that non-code extensions are always safe.
How Did These Leaks Occur?
The main culprit was accidental bundling of sensitive files (like .env and AI config files) into extension packages. Some developers hardcoded secrets directly into their source code or configuration files, such as package.json and README.md. Often, these incidents stemmed from oversight or a lack of understanding about what gets published in a .vsix package.
Industry Response and Remediation Steps
After the discovery, Wiz worked with Microsoft to address the crisis responsibly. The response included:
- Publisher notifications: Impacted publishers were alerted and all leaked publishing tokens were revoked.
- Pre-publication secret scanning: Microsoft now scans for embedded secrets before allowing extension publication, blocking risky submissions and notifying publishers. OpenVSX adopted identifiable prefixes for easier detection.
- Comprehensive mitigation: All existing extensions underwent secret scanning, and publishers were instructed to release sanitized updates.
These steps have raised the security bar for the VSCode ecosystem, with Microsoft outlining an ongoing roadmap for stronger marketplace trust and controls.
What Can Users and Organizations Do?
Tips for Individual Users
- Limit the number of installed extensions to reduce exposure.
- Assess extension trustworthiness by reviewing ratings and publisher history.
- Consider the trade-off between auto-updating extensions and the risk of automated malware distribution.
Guidance for Security Teams
- Keep an accurate inventory of all IDE extensions in use across your organization.
- Enforce a centralized allowlist of approved extensions when possible.
- Favor extensions from the official VSCode Marketplace, which now provides enhanced security controls.
Strengthening Platform Security Practices
Wiz recommends several best practices to help platforms prevent future leaks:
- Automatic expiration of secrets to minimize risk windows.
- Structured credentials (with prefixes or checksums) for easier identification and revocation.
- Active participation in tools like GitHub Advanced Secret Scanning to catch leaks in public repositories early.
Takeaway: Vigilance Is Key in Software Supply Chains
This incident shines a light on the ongoing risks within extension ecosystems and the broader software supply chain. It highlights the importance of collaboration between researchers and platform providers to rapidly detect and remediate threats. As AI and cloud integrations become more widespread, maintaining vigilance and robust security controls is more crucial than ever.
Source: Wiz Blog
VSCode Extension Marketplaces: Uncovering a Critical Supply Chain Risk