Top
image credit: Adobe Stock

The VSCode Marketplace is pretty easy to hack with malicious extensions

January 9, 2023

Via: Techradar
Category:

VSCode Marketplace, a repository for Visual Studio Code (VSC) externsions, has poor security defenses, allowing threat actors to abuse it and distribute malicious code among the millions of its users, experts have warned.

A report from AquaSec tested the platform and concluded that abusing it to distribute malware(opens in new tab) was ridiculously easy.

Furthermore, the researchers claim they weren’t the first to spot the flaws – some threat actors were already active.

Read More on Techradar