News

The Hacker News3h

Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names

VS Code flaw lets attackers reuse deleted extension names, enabling ransomware payload delivery and supply chain risks.
XDA Developers on MSN10d

This self-hosted tool is perfect for code snippets, and even has a VS Code extension

The built-in code editor (CodeMirror in v3) supports syntax highlighting for over 160 programming languages right out of the ...
InfoWorld2y

Researchers warn of malicious Visual Studio Code extensions

Attackers could easily spoof popular Visual Studio Code extensions and trick developers into downloading them, Aqua Nautilus researchers report.
The Hacker News8d

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft | Read more hacking news on ...
CSO Online7d

Hackers can slip ghost commands into the Amazon Q Developer VS Code Extension

The extension can be tricked by invisible Unicode Tag Characters-special symbols unseen by humans but obeyed by AI.