DVIUS Intelligence Summary: Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive - Analysis from Thehackernews.
Cybersecurity researchers have flagged a new malicious extension in the Open VSX
registry that harbors a remote access trojan called SleepyDuck.
According to Secure Annex's John Tuckner, the extension in question,
juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31,
2025, as a completely benign library that was subsequently updated to version
0.0.8 on November 1 to
DVIUS AI Assessment: This incident highlights the ongoing evolution of cyber threats. Organizations should prioritize patch management, employee awareness training, and multi-factor authentication to mitigate similar risks. For full details, refer to the original source.