The backdooring of the Nx Console Visual Studio Code extension, which has millions of installs across enterprise JavaScript development environments, illustrates a supply-chain attack vector that most organisations have not assessed or controlled. VS Code extensions run with the full permissions of the developer's user session, have read access to all files in open workspaces, and can make arbitrary network connections. A backdoored extension is equivalent to a persistent credential-harvesting implant installed by the developer themselves.
Building an Extension Inventory
The first step in assessing VS Code extension risk is understanding what is installed across the developer fleet. This is not trivial: VS Code extensions are installed per-user, not system-wide, and are not typically tracked by software asset management tools.
For individual developer workstations:
# List all installed extensions with publisher and version
code --list-extensions --show-versions
For fleet-wide inventory using a configuration management tool:
- Puppet/Chef/Ansible: collect the ~/.vscode/extensions/ directory listing from all developer hosts
- Jamf Pro (macOS): run an extension attribute that collects the output of ls ~/.vscode/extensions/
- Microsoft Intune: use a custom compliance policy or Endpoint Analytics to query VS Code extension directories
Export the inventory to a spreadsheet with one row per extension, mapping extension name to publisher ID, version, and number of developer hosts.
Publisher Verification
The Nx Console compromise used a visually similar publisher account name. Publisher names in the VS Marketplace are case-insensitive and may use look-alike characters. For each extension in your inventory:
- Look up the extension on marketplace.visualstudio.com
- Verify the Publisher ID (not the display name); this is shown as publisher.extensionname and is a unique registry identifier
- For critical developer tooling, verify the publisher's verification badge (a checkmark indicating Microsoft has verified the publisher identity)
For Nx Console specifically, the legitimate publisher ID is nrwl.angular-console. Any extension with a different publisher ID claiming to be Nx Console is not legitimate.
Known spoofed publisher patterns from this campaign:
- nrwl-tools.angular-console
- nrwl.nx-console
- angular-console.nrwl
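The inventory and publisher-verification steps above can be automated against the output of `code --list-extensions --show-versions` collected from each host. The script below is an added example, not code from the article or from the Nx project: it parses per-host listings into a fleet inventory (extension ID, version, host count) and classifies each publisher ID as trusted, a known spoof from the list above, a look-alike of a trusted ID, or simply unknown. The hostnames and listing contents are constructed sample data, and the look-alike heuristic (two or more shared name tokens with a trusted ID) is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample: `code --list-extensions --show-versions` output from three
# hypothetical developer hosts, as a fleet collection job would gather it.
SAMPLE_INVENTORY = {
    "dev-ws-01": "nrwl.angular-console@18.40.1\nesbenp.prettier-vscode@11.0.0\n",
    "dev-ws-02": "nrwl-tools.angular-console@18.40.1\nesbenp.prettier-vscode@11.0.0\n",
    "dev-ws-03": "nrwl.angular-console@18.39.0\nangular-console.nrwl@1.0.0\n",
}

# Legitimate publisher ID for Nx Console, as stated in the article.
TRUSTED_IDS = {"nrwl.angular-console"}

# Spoofed IDs listed in the article for this campaign.
KNOWN_SPOOFED_IDS = {"nrwl-tools.angular-console", "nrwl.nx-console", "angular-console.nrwl"}

# One listing line looks like publisher.name@version
LINE_RE = re.compile(r"^(?P<publisher>[^.@\s]+)\.(?P<name>[^@\s]+)@(?P<version>\S+)$")


def parse_listing(text):
    """Parse listing output into (publisher, name, version) tuples; IDs are lowercased
    because marketplace publisher names are case-insensitive."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip blank lines and any CLI warnings mixed into the output
            rows.append((m["publisher"].lower(), m["name"].lower(), m["version"]))
    return rows


def build_inventory(listings_by_host):
    """Map 'publisher.name' -> {version -> set of hosts}."""
    inv = defaultdict(lambda: defaultdict(set))
    for host, text in listings_by_host.items():
        for pub, name, ver in parse_listing(text):
            inv[f"{pub}.{name}"][ver].add(host)
    return inv


def _tokens(ext_id):
    return set(re.split(r"[.\-_]", ext_id))


def classify(ext_id, trusted=TRUSTED_IDS, spoofed=KNOWN_SPOOFED_IDS):
    """Return 'trusted', 'known-spoof', 'lookalike' or 'unknown' for a publisher.extension ID."""
    ext_id = ext_id.lower()
    if ext_id in trusted:
        return "trusted"
    if ext_id in spoofed:
        return "known-spoof"
    # Assumed heuristic: an ID that is not trusted but shares two or more name tokens
    # with a trusted ID is treated as a look-alike needing manual review.
    for t in trusted:
        if len(_tokens(ext_id) & _tokens(t)) >= 2:
            return "lookalike"
    return "unknown"


def report(listings_by_host):
    """Flatten the inventory into (ext_id, version, host_count, verdict) rows, worst first."""
    rows = []
    for ext_id, versions in build_inventory(listings_by_host).items():
        verdict = classify(ext_id)
        for ver, hosts in versions.items():
            rows.append((ext_id, ver, len(hosts), verdict))
    order = {"known-spoof": 0, "lookalike": 1, "unknown": 2, "trusted": 3}
    rows.sort(key=lambda r: (order[r[3]], r[0], r[1]))
    return rows


if __name__ == "__main__":
    for ext_id, ver, count, verdict in report(SAMPLE_INVENTORY):
        print(f"{verdict:12} {ext_id:30} {ver:10} hosts={count}")
```

Feed `report()` a dict of real per-host listings and the rows sort spoofed and look-alike IDs to the top; the "unknown" bucket is where the non-verified-publisher review from the remediation section starts.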
Assessing Extension Permissions
VS Code extensions request permissions implicitly through their manifest. Unlike browser extensions, there is no explicit permission grant: all extensions can read workspace files and make network connections by default. However, the manifest (package.json) declares activation events that indicate when an extension runs:
cat ~/.vscode/extensions/nrwl.angular-console-*/package.json | python3 -m json.tool | grep -A5 '"activationEvents"'
Extensions that activate on * (all events) or onStartupFinished run on every workspace open. Extensions with no legitimate reason for broad activation events but that activate on * are suspicious.
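To apply the activation-event check across every installed extension rather than one grep at a time, the following added example (not code from the article or the Nx project) walks a ~/.vscode/extensions-style directory, reads each package.json, and flags manifests that activate on `*` or `onStartupFinished`. The sample manifests it writes to a temporary directory are constructed; the command name in them and the look-alike publisher are placeholders, not real marketplace data.

```python
import json
import tempfile
from pathlib import Path

# Activation events the article treats as broad (runs on every workspace open).
BROAD_EVENTS = {"*", "onStartupFinished"}


def assess_manifest(manifest):
    """Summarise one parsed package.json: ID, version, entry point, and whether it activates broadly."""
    events = manifest.get("activationEvents") or []
    if isinstance(events, str):  # tolerate a single string where a list is expected
        events = [events]
    broad = sorted(set(events) & BROAD_EVENTS)
    return {
        "id": f"{manifest.get('publisher', '')}.{manifest.get('name', '')}".lower(),
        "version": manifest.get("version", ""),
        "entry_point": manifest.get("main") or manifest.get("browser") or "",
        "activation_events": list(events),
        "broad_activation": bool(broad),
        "broad_events": broad,
    }


def scan_extensions_dir(root):
    """Assess every <root>/<extension-folder>/package.json, sorted by folder name."""
    results = []
    for folder in sorted(Path(root).iterdir()):
        pkg = folder / "package.json"
        if not pkg.is_file():
            continue
        try:
            manifest = json.loads(pkg.read_text(encoding="utf-8"))
        except (OSError, json.JSONDecodeError):
            # An unreadable manifest is itself worth a look; record it rather than skipping.
            results.append({"id": folder.name, "error": "unreadable package.json"})
            continue
        results.append(assess_manifest(manifest))
    return results


def broad_activation_ids(results):
    """IDs that activate on every workspace open and therefore need a justification."""
    return [r["id"] for r in results if r.get("broad_activation")]


def build_sample_tree():
    """Write two constructed manifests into a temp dir shaped like ~/.vscode/extensions."""
    root = Path(tempfile.mkdtemp(prefix="vsext-"))
    samples = {
        "nrwl.angular-console-18.40.1": {
            "name": "angular-console", "publisher": "nrwl", "version": "18.40.1",
            "main": "./main.js",
            "activationEvents": ["onCommand:example.refresh"],  # placeholder command
        },
        "nrwl-tools.angular-console-18.40.1": {  # constructed look-alike with broad activation
            "name": "angular-console", "publisher": "nrwl-tools", "version": "18.40.1",
            "main": "./out/extension.js",
            "activationEvents": ["*"],
        },
    }
    for folder, manifest in samples.items():
        (root / folder).mkdir()
        (root / folder / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    # Replace build_sample_tree() with Path.home() / ".vscode" / "extensions" on a real host.
    scan = scan_extensions_dir(build_sample_tree())
    for r in scan:
        print(r)
    print("broad activation:", broad_activation_ids(scan))
```

One caveat when reading the results: since VS Code 1.74 the activation events implied by contributed commands, views and similar contribution points are generated automatically, so an empty or missing activationEvents list does not mean the extension never runs; `*` and `onStartupFinished` remain the explicit signals worth questioning.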
Network activity monitoring:
For macOS developer hosts:
lsof -i -n -P | grep -i code
For Windows developer hosts using Sysmon:
- Network events (Event ID 3) from Code.exe to non-Microsoft destinations
- File access events to .env, .aws/credentials, and ~/.ssh/ from extensionHostProcess.exe
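The two Sysmon hunts above can be run as a small triage script over exported events. This is an added example rather than the article's own detection content: it takes Sysmon records as dicts (the field names EventID, Image, DestinationHostname, DestinationIp, DestinationPort, UtcTime and TargetFilename follow Sysmon's event schema), flags VS Code processes connecting outside an expected-destination baseline, and flags the extension host touching credential files. The baseline of two marketplace/update hostnames is an assumption to be tuned against your own telemetry, and the sample events are constructed (TEST-NET addresses and an .invalid hostname).

```python
import ipaddress

# Assumed baseline of destinations VS Code itself contacts (marketplace and update checks).
# Tune this to what your own telemetry shows before relying on it.
EXPECTED_DESTINATIONS = ("marketplace.visualstudio.com", "update.code.visualstudio.com")

# Process images named in the article; the extension host may appear under either.
VSCODE_IMAGES = {"code.exe", "extensionhostprocess.exe"}

# Loopback and RFC 1918 only: language servers and dev containers talk over these.
# Deliberately not ipaddress.is_private, which also suppresses the TEST-NET sample ranges.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]


def image_name(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def is_expected_destination(hostname):
    h = (hostname or "").lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in EXPECTED_DESTINATIONS)


def is_local_or_private(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in PRIVATE_NETS)


def touches_credential_path(target):
    """Match the paths the article calls out: .env files, .aws/credentials, anything under .ssh."""
    norm = target.replace("\\", "/").lower()
    base = norm.rsplit("/", 1)[-1]
    return base.startswith(".env") or norm.endswith("/.aws/credentials") or "/.ssh/" in norm


def flag_network_event(ev):
    """Sysmon Event ID 3 from a VS Code process to a destination outside the baseline."""
    if ev.get("EventID") != 3 or image_name(ev.get("Image", "")) not in VSCODE_IMAGES:
        return None
    if is_expected_destination(ev.get("DestinationHostname")) or is_local_or_private(ev.get("DestinationIp", "")):
        return None
    dest = ev.get("DestinationHostname") or ev.get("DestinationIp")
    return {"rule": "vscode-unexpected-egress", "time": ev.get("UtcTime"),
            "image": image_name(ev["Image"]), "destination": f"{dest}:{ev.get('DestinationPort')}"}


def flag_file_event(ev):
    """Extension host touching a credential file. Sysmon only records file creates (Event ID 11),
    not reads, so for read telemetry this expects an EDR record normalised to the same
    TargetFilename field (an assumption of this example)."""
    if "TargetFilename" not in ev or image_name(ev.get("Image", "")) != "extensionhostprocess.exe":
        return None
    if not touches_credential_path(ev["TargetFilename"]):
        return None
    return {"rule": "exthost-credential-file", "time": ev.get("UtcTime"),
            "image": "extensionhostprocess.exe", "target": ev["TargetFilename"]}


def triage(events):
    findings = []
    for ev in events:
        for rule in (flag_network_event, flag_file_event):
            hit = rule(ev)
            if hit:
                findings.append(hit)
    return findings


CODE_EXE = r"C:\Users\dev\AppData\Local\Programs\Microsoft VS Code\Code.exe"
EXT_HOST = r"C:\Users\dev\AppData\Local\Programs\Microsoft VS Code\extensionHostProcess.exe"

# Constructed sample events (TEST-NET addresses, .invalid hostname); not real telemetry.
SAMPLE_EVENTS = [
    {"EventID": 3, "UtcTime": "2026-04-01 09:00:01", "Image": CODE_EXE,
     "DestinationHostname": "marketplace.visualstudio.com", "DestinationIp": "203.0.113.5", "DestinationPort": 443},
    {"EventID": 3, "UtcTime": "2026-04-01 09:00:02", "Image": CODE_EXE,
     "DestinationHostname": "", "DestinationIp": "127.0.0.1", "DestinationPort": 6009},
    {"EventID": 3, "UtcTime": "2026-04-01 09:00:03", "Image": CODE_EXE,
     "DestinationHostname": "cdn.example-collector.invalid", "DestinationIp": "198.51.100.23", "DestinationPort": 443},
    {"EventID": 11, "UtcTime": "2026-04-01 09:00:04", "Image": EXT_HOST,
     "TargetFilename": r"C:\Users\dev\.aws\credentials"},
    {"EventID": 3, "UtcTime": "2026-04-01 09:00:05", "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "DestinationHostname": "cdn.example-collector.invalid", "DestinationIp": "198.51.100.23", "DestinationPort": 443},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f)
```

Correlate each egress finding with the workspace-open timestamps from the activation-event assessment; a connection that fires within seconds of every workspace open, from an extension with `*` activation, is the pattern the remediation section asks you to look back 30 days for.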
Enterprise Controls
VS Code extension allow-listing via policy:
Microsoft provides an enterprise extension management policy for VS Code that restricts which extensions can be installed. Configure via settings.json or GPO:
{
"extensions.allowedExtensionIds": [
"publisher1.extension1",
"publisher2.extension2"
]
}
This is the most robust control: developers can only install extensions from an approved list maintained by the security team.
VS Code Remote and Dev Containers:
If your environment uses VS Code Remote (connecting to a remote dev environment or container), extensions that run in the remote context have access to the remote filesystem but not the developer's local credential stores. This reduces the blast radius of a compromised extension targeting local credentials.
Immediate Remediation for Nx Console (CVE-2026-48027)
Remove all Nx Console installations and reinstall only the verified nrwl.angular-console publisher version. Then:
- Rotate credentials that were accessible from affected workstations (see the developer credential inventory list in the TeamPCP campaign article)
- Check VS Code extension telemetry or network logs for outbound connections from extensionHostProcess during workspace open events over the past 30 days
- Review all extensions installed from non-verified publishers and assess whether they are legitimate before reinstalling