Intel Chain

Root Intel

01KS49JYH6B9…

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million installations. The Open Source: The Hacker News

View full intel →

Corroborations

Contradictions

Expansions

References

Overall Credibility Score3%

Evidence Chain (3 linked intel)

Corroborates01KS49JW…

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies Source: The Hacker News

CYBER

View

Corroborates01KS3MNF…

Interpol's 'Operation Ramz' Pioneers Cross-Region Collabs in Middle East

While the numbers are modest, the crackdown on cybercrime involved 13 countries in the MENA region, the largest law enforcement collaboration to date. Source: darkreading

CYBER

View

Have related intel?

Corroborate, contradict, or expand this intelligence chain.

Corroborates Contradicts Expands