Code to Compromise: Turning IDEs into attack vectors via malicious Extensions - Debjeet Banerjee

From Code to Compromise: Turning modern day IDEs into attack vectors via malicious Extensions

Visual Studio Code has become the de facto IDE for millions of developers, and its extension marketplace is now a first-class target for supply-chain compromise. In this talk we move beyond yesterday's JavaScript-only "theme" backdoors and show how to fuse high-level TypeScript with low-level Rust to create extensions that are indistinguishable from legitimate Microsoft-signed add-ons, yet silently execute native x86_64 shellcode inside the IDE process.

We begin with a data-driven tour of recent in-the-wild incidents: the Material Theme extension with vulnerable dependencies, the "Solidity" extension that stole $500k in crypto from a Russian blockchain developer, and the new self-propagating GlassWorm extension. The rise of AI-centric forks (Cursor, Windsurf, etc.) has also given rise to new extension marketplaces where malicious extensions can use inflated download counts as perfect camouflage.

Next we deep-dive into the malicious extension toolchain: a Rust FFI bridge that compiles to a library, exposes a single innocent-looking TypeScript API, and preserves the marketplace's blue "verified" tick. We demonstrate live how to backdoor a top-10 Microsoft-published extension so that every subsequent update remains functionally identical while the Rust payload executes shellcode without triggering Windows Defender, AMSI, or the new Extension Host sandbox.

We close with defensive takeaways: IoCs and TTPs to look for, defensive rules which can prevent such attacks, and possible detection vectors. Attendees leave with a fully annotated GitHub repo that walks them through the process of developing such malware, starting with a "hello-world" C++ addon and building up to a stealthy Rust-based shellcode loader backdoored into a popular Microsoft extension.

Debjeet Banerjee

I am a Researcher with Black Hills Information Security. I develop malware and build automation pipelines for engagements. As a hobby, I like diving into IDA disassemblies and WinDBG to find increasingly complex ways to do things which would annoy EDRs and Reverse Engineers. When I am not looking at screens, I am riding motorcycles, trekking along the Himalayas or reading history and philosophy.

Security Fest is an inspiring and unique IT security conference held in Gothenburg, Sweden. The event is an excellent opportunity to learn more about IT security, and a great way to connect with both the renowned international speakers and the other attendees.
