— Nx Console VS Code Extension Hit by Supply Chain Attack Cybersecurity researchers have flagged a compromised version of the Nx Console extension published to the Microsoft Visual Studio Code Marketplace. The extension in question — rwl.angular-console version 18.95.0 — has more than 2.2 million installations and serves as a popular user interface for Nx monorepo management across VS Code, Cursor, and JetBrains editors. The Open VSX version was not affected by the incident.
Key Takeaways
— Nx Console VS Code Extension Hit by Supply Chain Attack Cybersecurity researchers have flagged a compromised version of the Nx Console extension published to the Microsoft Visual Studio Code Marketplace.
The extension in question — rwl.angular-console version 18.95.0 — has more than 2.2 million installations and serves as a popular user interface for Nx monorepo management across VS Code, Cursor, and JetBrains editors.
Attack Delivery According to research by StepSecurity, within seconds of a developer opening any workspace, the compromised extension silently fetched and executed a 498 KB obfuscated payload from a dangling orphan commit hidden inside the official nrwl/nx GitHub repository.
Bottom Line
Nx Console VS Code Extension Hit by Supply Chain Attack is a signal that cybersec is accelerating fast in 2026. If you're building or securing infrastructure, this trend is worth watching closely.
Read the full analysis on Susiloharjo.
Top comments (0)