New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
A security flaw in IDEs like Visual Studio Code lets attackers bypass extension verification, running malicious code on developer machines
More info