Microsoft's Visual Studio Code Flaw Allows Malicious Extensions to Steal Authentication Tokens

Researchers have discovered a flaw in Microsoft's Visual Studio Code editor and development environment. Malicious extensions can retrieve authentication tokens stored in Windows, Linux, and Mac OS. Researchers reported the flaw in a working proof of concept to Microsoft two months ago but it has yet to be addressed.

Play episode from 25:34

Transcript

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app