The Prettier Code formatter, a widely adopted open-source tool for code formatting, was impersonated on the VSCode Marketplace in a brandjacking attack. Threat actors distributed a malicious spoofed extension that injected the Anivia Stealer malware onto Windows systems of unsuspecting developers. This malware is designed to exfiltrate sensitive data, including credentials, browser cookies, cryptocurrency wallets, and system information, from infected machines. The attack leveraged social engineering, tricking developers into installing the fake extension under the guise of a legitimate update or alternative. Once executed, Anivia Stealer established persistence and began harvesting data, which could be used for follow-on attacks such as credential stuffing, financial fraud, or lateral movement within corporate networks. While the immediate impact was limited to individual developers' workstations, the stolen data could enable broader compromises if corporate credentials or proprietary code were exposed. The incident highlights risks in supply-chain attacks via third-party marketplaces, where trust in open-source tools is exploited. Microsoft removed the malicious extension, but the breach underscores the need for verification mechanisms and developer awareness to mitigate such threats. No large-scale data leaks or ransomware were reported, but the theft of personal and professional data poses reputational and operational risks for affected users and organizations.