Login

Post on Medial

Apple

 • 

Google • 5m

Malicious VSCode Extensions with Millions of Installs Discovered A group of Israeli researchers uncovered security vulnerabilities in the Visual Studio Code (VSCode) Marketplace by creating a fake extension called "Darcula," which mimicked the popular "Dracula Official" theme. The malicious extension, designed to collect system information, was installed by over 100 organizations, including major companies and a national court network. This experiment highlights the significant security risks within the VSCode Marketplace, where thousands of extensions with millions of installs have been found to contain risky or malicious code. The researchers call for more stringent controls and code reviews by Microsoft to mitigate these threats. Source ( bleepingcomputer ) found it interesting Follow for more !!

4 replies11 likes
3
Replies (4)

More like this

Recommendations from Medial

Image Description
Image Description

Prathamesh Prabhu

Stealth • 1m

Must-Have VS Code Extensions! ✨ The right extensions of vs code can supercharge your coding experience! 🚀 Here are some must-have extensions: 🌟Prettier: Keep your code neat and tidy with automatic formatting. ✨ 🌟Live Server: Instantly see your

See More
5 replies3 likes

Rakshak Gupta

 • 

Quixy • 4m

Is the any extension that can add as a group of extensions like if we have no of tabs in the chrome we "add tab to new group" if yes name of the extension

0 replies1 like
Image Description

Archisman Midya

Stealth • 4m

Google’s Project IDX Could Be a Game Changer for Developers Today, I explored Google’s Project IDX and why it might be better than Visual Studio Code (VSCode). Project IDX is a cloud-based coding tool, meaning you can use it from any device, anywhere

See More
1 replies10 likes
2

Rohit Chandnani

Stealth • 21d

Searching for a Co-founder who can code & create a marketplace for the disruption in the market.

0 replies4 likes

Hayan N

Stealth • 3m

Ten website that are useful (Part 2) CODIUM AI 1. VS Code Extensions: Develop and sell extensions. 2. Coding Assistance Services: Provide coding suggestions 3. Coding Tool Platform: Create a tool-sharing platform. MONSTER API; 1. Job Search Tools:

See More
0 replies3 likes
3

Abdul Alim

Stealth • 29d

hii! guys most of the people don't know how to write professional prompt in chatgpt and tools like AIPRM is expensive so i make my own extension wich contains professional prompt and it's free because i make this extension just to help please give a

See More
0 replies3 likes
1
Image Description
Image Description

Abdul Alim

Stealth • 1m

Many people using ChatGPT don’t know how to write the perfect professional prompt, which often leads to bad results from the AI. Tools like AIRPM that help with prompts are too expensive for most users. That’s why I developed my own extension, which

See More
9 replies3 likes
2

Vasvi Seth

Stealth • 5m

🚨 Urgent Cybersecurity Alert: Log4Shell Vulnerability 🚨 Attention Medial community, Have you heard about Log4Shell? It's not just another tech jargon. This critical vulnerability is shaking up the cybersecurity landscape, and here's why: Log4Sh

See More
0 replies5 likes
Image Description

Akshat Aggarwal

Stealth • 6m

Calling out all experts ! 🙋 Building a marketplace from scratch is no walk in the park. So, I'm turning to the fellow experts how can one build a killer consumer marketplace from scratch. What features are MUST-HAVES for initial launch? Should

See More
3 replies4 likes
1

Vasvi Seth

Stealth • 4m

Understanding Network Protocols: The Backbone of Digital Communication In the world of networking, protocols are crucial. A network protocol is essentially a set of rules used by two or more devices on a network to dictate the delivery and structure

See More
0 replies5 likes

Download the medial app to read full posts, comements and news.