Kevin Beaumont on Nostr: Background blogs on VSCode extensions, which the author didn’t link together and ...
Background blogs on VSCode extensions, which the author didn’t link together and basically struggled to communicate the issue widely, but the issues are definitely there.
Part 1 https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7
Part 2 https://medium.com/extensiontotal/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f
Part 3 https://medium.com/extensiontotal/3-6-uncovering-design-flaws-in-the-visual-studio-code-marketplace-ea1d8e8b0171
Part 4 https://medium.com/extensiontotal/4-6-introducing-extensiontotal-how-to-assess-risk-in-vs-code-extensions-3ac5bfd83fb1
Part 5 https://medium.com/extensiontotal/5-6-breaking-the-internet-the-aftermath-of-our-research-2dee0a1e2498
Part 6 https://medium.com/extensiontotal/6-6-uncover-hidden-risks-cisos-guide-to-using-extensiontotal-api-for-your-organization-59fee46e6369
Follow up https://medium.com/extensiontotal/vscode-extension-trivia-real-or-cake-f729adc9e03e
Part 1 https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7
Part 2 https://medium.com/extensiontotal/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace-cf88b7a7f38f
Part 3 https://medium.com/extensiontotal/3-6-uncovering-design-flaws-in-the-visual-studio-code-marketplace-ea1d8e8b0171
Part 4 https://medium.com/extensiontotal/4-6-introducing-extensiontotal-how-to-assess-risk-in-vs-code-extensions-3ac5bfd83fb1
Part 5 https://medium.com/extensiontotal/5-6-breaking-the-internet-the-aftermath-of-our-research-2dee0a1e2498
Part 6 https://medium.com/extensiontotal/6-6-uncover-hidden-risks-cisos-guide-to-using-extensiontotal-api-for-your-organization-59fee46e6369
Follow up https://medium.com/extensiontotal/vscode-extension-trivia-real-or-cake-f729adc9e03e