Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX’s pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry.
“The pipeline had a single boolean return value that meant both ‘no scanners are configured’ and ‘all scanners failed to run,'” Koi

Source

What's Hot

Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI

3 SOC Process Fixes That Unlock Tier 1 Productivity

Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks

Over $17bn Lost to Cyber Fraud in the Last Year, Warns FBI

3 SOC Process Fixes That Unlock Tier 1 Productivity

Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Our Picks

Is it OK to let your children post selfies online?

Chronology of a Skype attack

It’s all fun and games until someone gets hacked

Subscribe to Updates

What's Hot

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Related Posts

Subscribe to Updates