The VSCode Marketplace is pretty easy to hack with malicious extensions

VSCode Marketplace, a repository for Visual Studio Code (VSC) externsions, has poor security defenses, allowing threat actors to abuse it and distribute malicious code among the millions of its users, experts have warned.

A report from AquaSec tested the platform and concluded that it was abusing malware (opens in new tab) was ridiculously easy.

Leave a Reply

Your email address will not be published. Required fields are marked *