Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 9 months agoMalicious VSCode extensions with millions of installs discoveredwww.bleepingcomputer.comexternal-linkmessage-square7fedilinkarrow-up164arrow-down12cross-posted to: programming@programming.devprogramming@beehaw.org
arrow-up162arrow-down1external-linkMalicious VSCode extensions with millions of installs discoveredwww.bleepingcomputer.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 9 months agomessage-square7fedilinkcross-posted to: programming@programming.devprogramming@beehaw.org
minus-squarejohannesvanderwhales@lemmy.worldlinkfedilinkEnglisharrow-up2·9 months agoI don’t think I realized that the extensions could contain code since most of them are just doing syntax highlighting.
minus-squaretowerful@programming.devlinkfedilinkEnglisharrow-up2·9 months agoYou obviously haven’t seen the platformio extension. It’s a beast, turns VSCode into an embedded IDE and programmer for loads of different microchips
minus-squarejohannesvanderwhales@lemmy.worldlinkfedilinkEnglisharrow-up2·9 months agoYeah I’m not using anything like that. Bit irresponsible of MS to not audit this stuff, then. Lots of businesses allowing users to install vs code extensions freely even if they’re otherwise restricted for software installs.
I don’t think I realized that the extensions could contain code since most of them are just doing syntax highlighting.
You obviously haven’t seen the platformio extension.
It’s a beast, turns VSCode into an embedded IDE and programmer for loads of different microchips
Yeah I’m not using anything like that. Bit irresponsible of MS to not audit this stuff, then. Lots of businesses allowing users to install vs code extensions freely even if they’re otherwise restricted for software installs.