Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

thehackernews.com·May 19, 2026

Cybersecurity researchers have identified a compromised version of the Nx Console extension (rwl.angular-console version 18.95.0) on the Microsoft VS Code Marketplace, which has over 2.2 million installations.

A key learning for you as a cybersecurity professional is the importance of monitoring and verifying the integrity of popular extensions in development environments, as they can be a vector for supply chain attacks. This incident with the compromised Nx Console extension underscores the need for implementing rigorous security checks and threat intelligence measures to detect and respond to such vulnerabilities promptly, protecting your organization's development processes from potential exploitation.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Want more content like this?

More from Cybersecurity News

Microsoft shares mitigation for YellowKey Windows zero-day

Risky Business #838 -- GitHub investigates possible breach

Risky Bulletin: Microsoft takes down crime SaaS used by ransomware gangs

Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector

Max-severity flaw in ChromaDB for AI apps allows server hijacking