Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to China-based servers.
Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...
Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results