Fake VS Code extension on npm uses altered ScreenConnect utility as spyware

A counterfeit 'Truffle for VS Code' extension, published on the npmjs registry, abuses the ConnectWise ScreenConnect remote desktop utility, allowing threat actors to compromise Windows systems that install the package.

The post Fake VS Code extension on npm uses altered ScreenConnect utility as spyware appeared first on Security Boulevard.