Threat Group: Unknown cybercriminal operators leveraging developer tooling supply chains
Threat Type: Information stealer malware delivered via malicious development extensions
Exploited Vulnerabilities: Abuse of the Visual Studio Code extension trust model, DLL side-loading, PowerShell execution policy misuse, Windows process hollowing
Malware Used: Evelyn Stealer, Lightshot.dll downloader, iknowyou.model