Kevin Beaumont on Nostr: A reminder that Visual Studio Code’s marketplace is still an absolute security ...
A reminder that Visual Studio Code’s marketplace is still an absolute security clusterfuck that Microsoft have engineered.
There’s active supply chain attacks in there nobody has reported on. (That, yes, will get a cartoon porg blog on one day).
Published at
2024-10-24 22:56:48Event JSON
{
"id": "d00a242a98e653487cbcda7dfb7ae7ebd53148cf5879308b963f8a63b553a223",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1729810608,
"kind": 1,
"tags": [
[
"e",
"c06f2bbb136da930b32115f16e732f7adcf9d8fc51fbb9b442a9e636449b2ec1",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/113364868053984419",
"activitypub"
]
],
"content": "A reminder that Visual Studio Code’s marketplace is still an absolute security clusterfuck that Microsoft have engineered. \n\nThere’s active supply chain attacks in there nobody has reported on. (That, yes, will get a cartoon porg blog on one day).",
"sig": "194ec7a23bc223b82921f5b24cc3bcb34fc1ad7ad8dc48e49f8cb34a62f4e173c83a65f2b60f12f22f728f7fd4d3b927bf15338de925ce7a046d58f599be1d59"
}
