all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious extensions can abuse VS Code flaw to steal auth tokens

Add to bookmarks
Aug. 8, 2023, 9:49 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. [...]

abuse auth authentication code credential development editor environment extensions flaw linux macos malicious managers microsoft security steal studio tokens visual studio visual studio code vs code windows

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

Poland says Russian military hackers target its govt networks 2 hours ago | www.bleepingcomputer.com
government gru hackers institutions +17
Monday.com removes "Share Update" feature abused for phishing attacks 3 hours ago | www.bleepingcomputer.com
attacks com feature management +13
Citrix warns admins to manually mitigate PuTTY SSH client bug 6 hours ago | www.bleepingcomputer.com
admin attackers bug citrix +12
AT&T delays Microsoft 365 email delivery due to spam wave 7 hours ago | www.bleepingcomputer.com
amp blocking connections delivery +9
British Columbia investigating cyberattacks on government networks 9 hours ago | www.bleepingcomputer.com
british british columbia canadian columbia +7
Dell warns of data breach, 49 million customers allegedly affected 10 hours ago | www.bleepingcomputer.com
actor breach customers data +8
Zscaler says it was not hacked after rumors circulate online 1 day, 2 hours ago | www.bleepingcomputer.com
access actor breached companies +12
Zscaler takes "test environment" offline after rumors of a breach 1 day, 2 hours ago | www.bleepingcomputer.com
access actor analysis breach +13
University System of Georgia: 800K exposed in 2023 MOVEit attack 1 day, 3 hours ago | www.bleepingcomputer.com
attack attacks breach clop +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Embedded VSOC Analyst

@ Sibylline Ltd | Australia, Australia
View on infosec-jobs.com

Cloud Security Platform Engineer

@ Google | London, UK; United Kingdom
View on infosec-jobs.com

Senior Associate Cybersecurity GRC - FedRAMP

@ Workday | USA, VA, McLean
View on infosec-jobs.com

Senior Incident Response Consultant, Mandiant, Google Cloud

@ Google | Mexico; Colombia
View on infosec-jobs.com

Cyber Software Engineering, Advisor

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Cloud Security Architect (Federal)

@ Moveworks | Remote, USA
View on infosec-jobs.com
View more jobs