The post discusses how the authors were able to create and publish a malicious VSCode extension that stole source code in just 30 minutes. They identified vulnerabilities in VSCode extensions and highlighted the risks associated with them. Multiple multi-billion dollar companies were affected by the attack.
Sort: