Threat Intelligence Report

Unauthorized AI Agent Execution Code Published to OpenVSX in Aqua Trivy VS Code Extension

📅 March 2, 2026 📰 socket.dev 🔍 0 CVE(s) referenced

Malicious versions of the Aqua Trivy VS Code extension were published to OpenVSX, covertly injecting prompts that hijack local AI coding assistants to perform system reconnaissance and attempt data exfiltration, marking a novel and stealthy AI-driven supply chain attack.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle