Sideloaded extensions are particularly vulnerable After confirming the behavior on VSCode, OX extended their investigation to other platforms, including Visual Studio, IntelliJ IDEA, and Cursor.