vscode
2 posts
Article
Malicious VSCode extension shipped through official Marketplace
Technical analysis of a compromised VSCode extension reaching GitHub credentials: extension host privileges, MITRE ATT&CK mapping, telemetry gaps.
Article
The extension on your dock just shipped malware
A compromised VSCode extension reached GitHub. Breakdown of the trust boundary that failed and what developer endpoints actually expose.