Top issues
Detected presence of known software supply chain attack artifacts.
Causes risk: supply chain attack artifacts
threats
Problem
Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious components. The detection was made by either a static byte signature, software component identity, or a complete file hash. This malware detection method is considered highly accurate, and can typically attribute malware to previously discovered software supply chain attacks. It is common to have multiple supply chain attack artifacts that relate to a single malware incident.Prevalence in Visual Studio Code community
2 packages
found in
Top 100
15 packages
found in
Top 1k
51 packages
found in
Top 10k
341 packages
in community
Next steps
If the software intent does not relate to malicious behavior, investigate the build and release environment for software supply chain compromise.
Avoid using this software package.
Detected presence of malicious files by a machine learning algorithm.
Causes risk: malicious components found
threats
Problem
Proprietary ReversingLabs malware detection algorithms have determined that the software package contains one or more malicious files. The detection was made by a machine learning model. This malware detection method is considered proactive, and can typically identify the malware threat type. The detection is strongly influenced by behaviors that software components exhibit. Behaviors similar to previously discovered malware and software supply chain attacks may cause some otherwise benign components to be detected as malicious.Prevalence in Visual Studio Code community
8 packages
found in
Top 100
6 packages
found in
Top 1k
21 packages
found in
Top 10k
75 packages
in community
Next steps
Inspect behaviors exhibited by the detected software components.
If the software behaviors differ from expected, investigate the build and release environment for software supply chain compromise.
Avoid using this software package until it is vetted as safe.
Consider rewriting code that may have triggered the detection due to its malware similarity.
Detected presence of malicious files through analyst-vetted file reputation.
Causes risk: analyst-vetted malware found
threats
Problem
Threat researchers have manually inspected the software package and determined that it contains one or more malicious files. The detection was made by a hash-based file reputation lookup. This malware detection method is considered highly accurate, and can typically identify the malware family by name.Prevalence in Visual Studio Code community
0 packages
found in
Top 100
3 packages
found in
Top 1k
3 packages
found in
Top 10k
191 packages
in community
Next steps
Investigate the build and release environment for software supply chain compromise.
Avoid using this software package.
Detected presence of high severity vulnerabilities.
Causes risk: high severity vulnerabilities
vulnerabilities
Problem
Software composition analysis has identified a component with one or more known vulnerabilities. Based on the CVSS scoring, these vulnerabilities have been marked as high severity.Prevalence in Visual Studio Code community
68 packages
found in
Top 100
555 packages
found in
Top 1k
3086 packages
found in
Top 10k
17.47k packages
in community
Next steps
Perform impact analysis for the reported CVEs.
Update the component to the latest version.
If the update can't resolve the issue, create a plan to isolate or replace the affected component.
Problem
Uniform Resource Locators (URLs) are structured addresses that point to locations and assets on the internet. URLs allow software developers to build complex applications that exchange data with servers that can be hosted in multiple geographical regions. URLs can commonly be found embedded in documentation, configuration files, source code and compiled binaries. One or more embedded URLs were discovered to link to raw files hosted on GitHub. Attackers often abuse popular web services to host malicious payloads. Since code-sharing services URLs are typically allowed by security solutions, using them for payload delivery increases the odds that the malicious code will reach the user. While the presence of code-sharing service locations does not imply malicious intent, all of their uses in a software package should be documented and approved. An increasing number of software supply chain attacks in the open source space leverages the GitHub service to deliver malicious payloads.Prevalence in Visual Studio Code community
79 packages
found in
Top 100
622 packages
found in
Top 1k
4233 packages
found in
Top 10k
29.36k packages
in community
Next steps
Investigate reported detections.
If the software should not include these network references, investigate your build and release environment for software supply chain compromise.
You should delay the software release until the investigation is completed, or until the issue is risk accepted.
Consider an alternative delivery mechanism for software packages.
Top behaviors
Retrieves the name of the user associated with the process.
search
Prevalence in Visual Studio Code community
Behavior often found in this community (Common)
26 packages
found in
Top 100
136 packages
found in
Top 1k
330 packages
found in
Top 10k
1.5k packages
in community
Modifies file/directory permissions.
permissions
Prevalence in Visual Studio Code community
Behavior often found in this community (Common)
67 packages
found in
Top 100
547 packages
found in
Top 1k
2891 packages
found in
Top 10k
14.99k packages
in community
Permits an incoming connection on a TCP socket.
network
Prevalence in Visual Studio Code community
Behavior often found in this community (Common)
32 packages
found in
Top 100
173 packages
found in
Top 1k
424 packages
found in
Top 10k
1.58k packages
in community
Opens a socket listening for an incoming connection.
network
Prevalence in Visual Studio Code community
Behavior often found in this community (Common)
27 packages
found in
Top 100
142 packages
found in
Top 1k
341 packages
found in
Top 10k
1.41k packages
in community
Deletes files in Windows system directories.
file
Prevalence in Visual Studio Code community
Behavior often found in this community (Common)
31 packages
found in
Top 100
159 packages
found in
Top 1k
346 packages
found in
Top 10k
1.56k packages
in community
Top vulnerabilities
Vulnerability Exploitation Lifecycle
(3 Active Vulnerabilities)
3 (3 Fixable)
CVE-2025-29087h
CVE-2025-6965h
CVE-2025-3277m
None
None
None
Exploits Unknown
Exploits Exist
Exploited by Malware
Patching Mandated