A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their legitimate counterparts with the goal of mounting supply chain attacks.
The technique "could act as an entry point for an attack on many organizations," Aqua security researcher Ilay Goldman said in a report published last week.
VS Code extensions,
http://dlvr.it/Sgb8F5
Subscribe to:
Post Comments (Atom)
SBU to receive $450,000 to develop Cyber Operations Center - St. Bonaventure
SBU to receive $450,000 to develop Cyber Operations Center St. Bonaventure http://dlvr.it/T4jfQ8
-
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __...
-
A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni to attack ...
-
NCUA cyber breach rule would give credit unions longer reporting window than banks Banking Dive http://dlvr.it/SVVF51
No comments:
Post a Comment