"VSCode Extensions With Malicious Code Installed 229M Times"

According to a group of researchers, Microsoft's Visual Studio Code (VSCode) extensions marketplace has malicious uploads and poor security. In May, the team conducted an experiment in which they hacked over 100 organizations with a typosquatted version of a popular VSCode extension. During their study of the marketplace, they found many security design flaws implemented by Microsoft that allow threat actors to gain credibility and access. This article continues to discuss findings from the group's research on Microsoft's VSCode extensions marketplace.

SC Magazine reports "VSCode Extensions With Malicious Code Installed 229M Times"

Submitted by grigby1