[HackerNews] Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer’s integrated development environment (IDE).
The vulnerable extensions could be exploited to run arbitrary code on a developer’s system remotely, in what could ultimately pave the way for supply chain attacks.
Some

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Organizations Warned About DoS Flaws in Popular Open Source Message Brokers

All posts, Security Week

Organizations have been warned about denial of service (DoS) vulnerabilities found in RabbitMQ, EMQ X and VerneMQ, three widely used open source message brokers. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SANS ISC] Filter JSON Data by Value with Linux jq, (Sun, Aug 29th)

All posts, Sans-ISC

Since JSON has become more prevalent as a data service, unfortunately, it isn’t at all BASH friendly and manipulating JSON data at the command line with REGEX (i.e. sed, grep, etc.) is cumbersome and difficult to get the output I want. So, there is a Linux tool I use for this, jq is a tool […]

Read More

[HackerNews] Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection

All posts, HackerNews

Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including relying on Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The phishing attacks take the form of invoice-themed lures mimicking financial-related Source: […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.