Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
This extension provides rich PowerShell language support for Visual Studio Code (VS Code). Now you can write and debug PowerShell scripts using the excellent IDE-like interface that VS Code provides.
Nix devcontainer is an opinionated vscode devcontainer that uses debian image for a base system and nix package manager for management of your development environments. Combination of a good base ...
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...
A Chinese state-aligned espionage group has become the first documented threat actor to weaponize a known exploit in VS Code in a malicious attack. Visual Studio Code, or VS Code, is Microsoft's free ...
A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme ...