Phantom Pulse RAT Hits Obsidian Plugins: How to Audit Dev Tool Supply Chains

A malicious Obsidian community plugin delivered the Phantom Pulse RAT to developer vaults. Here is the attack chain and how to audit plugins in Obsidian, VS Code, and Cursor.