Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

A supply chain attack targeted the Ethcode Visual Studio Code extension, compromising over 6,000 developers. The attack involved a malicious pull request that introduced a hidden PowerShell script, which could potentially steal cryptocurrency assets or poison smart contracts. The extension was removed from the VS Code Extensions Marketplace but was reinstated once the malicious dependency had been removed.
