Key Findings Two malicious Microsoft Visual Studio Code (VS Code) extensions, disguised as AI-powered coding assistants, have over 1.5 million combined installs and are stealing developer source code. The extensions, "ChatGPT - 中文版" and "ChatGPT - ChatMoss(CodeMoss)", capture every file being opened and every source code modification, and send the data to servers located in China without user knowledge or consent. The extensions also incorporate real-time monitoring and devic
