![]() This new VS Code extensions supply chain security threat has the potential to become a new attack playground, potentially impacting over 2,000,000 developers. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link. But now, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions and then interact with a malicious actor. Until recently, no security vulnerabilities had been discovered in VS Code extensions, creating a sense of security for millions of developers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |