On Demand Webinar

Unmasking a VS Code Supply Chain Attack

Explore one of the most compelling recent software supply chain attacks targeting the popular VS Code platform. This webinar will dissect the compromise of ETHcode, a trusted Visual Studio Code extension for Ethereum smart contract development with nearly 6,000 installs.

Hijacked through a GitHub pull request introducing just two lines of malicious code, ETHcode demonstrates how minimal changes can have devastating impacts.

ReversingLabs experts unpack how automated detection flagged these suspicious changes — missed by human reviewers — and reveal lessons for defending against similar threats.

Learn how modern development workflows, reliant on community-driven extensions and auto-updating ecosystems, are becoming high-value targets—and what proactive strategies can help protect your organization.

Among other things, the webinar will explore:

  • How the attacker used a fake GitHub account to deliver the payload.
  • Why the malicious changes escaped the notice of human code reviewers.
  • What the obfuscated “keythereum-utils” dependency did, and how it nearly went unnoticed.
  • Best practices for detecting and mitigating similar threats in your CI/CD pipeline.

Watch now.

Meet the Speakers

Carolynn van Arsdale
Karlo Zanki
Petar Kirhmajer