🚀 Medial just raised $500k in Pre-Series A. Tap to read the announcement. 🎉

Download App

Home

Switch theme

Blog . Feedback . Privacy
Community Guidelines

Back to feeds

Apple
•

Google • 8m

Malicious VSCode Extensions with Millions of Installs Discovered A group of Israeli researchers uncovered security vulnerabilities in the Visual Studio Code (VSCode) Marketplace by creating a fake extension called "Darcula," which mimicked the popular "Dracula Official" theme. The malicious extension, designed to collect system information, was installed by over 100 organizations, including major companies and a national court network. This experiment highlights the significant security risks within the VSCode Marketplace, where thousands of extensions with millions of installs have been found to contain risky or malicious code. The researchers call for more stringent controls and code reviews by Microsoft to mitigate these threats. Source ( bleepingcomputer ) found it interesting Follow for more !!

4 replies11 likes

Replies (4)

Gireendra Varma

Stealth • 8m

🤯

0 replies

LIKHITH

Stealth • 8m

WTF!!

1 replies

Recommendations from Medial

Prathamesh Prabhu

Stealth • 4m

Must-Have VS Code Extensions! ✨ The right extensions of vs code can supercharge your coding experience! 🚀 Here are some must-have extensions: 🌟Prettier: Keep your code neat and tidy with automatic formatting. ✨ 🌟Live Server: Instantly see your

5 replies3 likes

Rakshak Gupta
•

Quixy • 7m

Is the any extension that can add as a group of extensions like if we have no of tabs in the chrome we "add tab to new group" if yes name of the extension

0 replies1 like

Archisman Midya

Stealth • 7m

Google’s Project IDX Could Be a Game Changer for Developers Today, I explored Google’s Project IDX and why it might be better than Visual Studio Code (VSCode). Project IDX is a cloud-based coding tool, meaning you can use it from any device, anywhere

1 replies10 likes

Rohit Chandnani

Stealth • 3m

Searching for a Co-founder who can code & create a marketplace for the disruption in the market.

0 replies4 likes

Hayan N

Stealth • 5m

Ten website that are useful (Part 2) CODIUM AI 1. VS Code Extensions: Develop and sell extensions. 2. Coding Assistance Services: Provide coding suggestions 3. Coding Tool Platform: Create a tool-sharing platform. MONSTER API; 1. Job Search Tools:

0 replies3 likes

Abdul Alim

Stealth • 3m

hii! guys most of the people don't know how to write professional prompt in chatgpt and tools like AIPRM is expensive so i make my own extension wich contains professional prompt and it's free because i make this extension just to help please give a

0 replies3 likes

Abdul Alim

Stealth • 3m

Many people using ChatGPT don’t know how to write the perfect professional prompt, which often leads to bad results from the AI. Tools like AIRPM that help with prompts are too expensive for most users. That’s why I developed my own extension, which

9 replies4 likes

Vasvi Seth

Stealth • 8m

🚨 Urgent Cybersecurity Alert: Log4Shell Vulnerability 🚨 Attention Medial community, Have you heard about Log4Shell? It's not just another tech jargon. This critical vulnerability is shaking up the cybersecurity landscape, and here's why: Log4Sh

0 replies5 likes

Akshat Aggarwal

Stealth • 9m

Calling out all experts ! 🙋 Building a marketplace from scratch is no walk in the park. So, I'm turning to the fellow experts how can one build a killer consumer marketplace from scratch. What features are MUST-HAVES for initial launch? Should

3 replies4 likes

ANKIT KUMAR

Stealth • 12d

Flipzy - The Future of C2C Marketplace Flipzy is a next-generation C2C marketplace designed to make buying and selling used products easier, faster, and more flexible than OLX. Our platform ensures a seamless experience with secure transactions, sma

8 replies15 likes