[HackerNews] Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer’s integrated development environment (IDE).
The vulnerable extensions could be exploited to run arbitrary code on a developer’s system remotely, in what could ultimately pave the way for supply chain attacks.
Some

Source: Read More (The Hacker News)

You might be interested in …

[TheRecord] Billions of devices impacted by new BrakTooth Bluetooth vulnerabilities

A team of security researchers has published details this week about a suite of 16 vulnerabilities that impact the Bluetooth software stack that ships with System-on-Chip (SoC) boards from several popular vendors. The vulnerabilities, collectively known as BrakTooth, allow attackers to crash or freeze devices or, in the worst-case scenarios, execute malicious code and take over […]

Read More

[SecurityWeek] University of California Confirms Personal Information Stolen in Cyberattack

All posts, Security Week

The University of California (UC) this week confirmed that personal information was stolen in a cyberattack involving the Accellion File Transfer Appliance (FTA) service. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ZDNet] GitHub enables two-factor authentication mechanism through iOS, Android app

All posts, ZDNet

GitHub Mobile 2FA will be available to all GitHub users in the App Store and Play Store this week. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.