1 post
Microsoft's open-source developer tools executed credential-stealing code through normal package resolution. The control plane never inspected what was returned.
