Check Point took the wraps off of three malicious Microsoft Visual Studio extensions on May 4, 2023, aimed at exploiting VSCode Marketplace visitors. These extensions named Theme Darcula dark, python-vscode, and prettiest java, were downloaded by Windows developers nearly 46,000 times. Actors could pilfer credentials, collect system information, and establish a remote shell on the victim’s machine.