Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025. First released by 7finney in 2022, Ethcode is a VS Code extension that's used to deploy and execute solidity smart contracts in Ethereum Virtual Machine (EVM)-based blockchains. An EVM is a decentralized computation engine that's designed to run smart contracts on the Ethereum network. According to the supply chain security company, the GitHub project received its last non-malicious update on September 6, 2024. That changed last month when Airez299 opened a pull request with the message "Modernize codebase with viem integration and testing framework." The user claimed to have added a new testing framework with Mocha integration and contract testing features, as well as made a number of changes, including removing old configurations and updating the dependencies to the latest version. While that may seem like a useful update for a project that lay dormant for over nine months, ReversingLabs said the unknown threat actor behind the attack managed to sneak in two lines of code as part of 43 commits and roughly 4,000 lines changes that compromised the entire extension. This included the addition of an npm dependency in the form of the "keythereum-utils" in the…Read More