Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace Trust model as the primary safeguard against repo-based malware -- while ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
GitHub

force installation of recommended plugins in .vscode/extensions.json

When working on a team project, it's crucial to maintain a consistent development environment. Visual Studio Code (VSCode) extensions play a vital role in enhancing productivity and enforcing coding ...
腾讯网

朝鲜黑客武器化VS Code,借微软合法设施渗透韩国政企网络

与朝鲜有关的网络间谍组织正在将全球开发者广泛使用的工具——Visual Studio ...
Techzine Europe

Misuse of VS Code tasks poses risk to developers

Security researchers are increasingly citing Visual Studio Code as part of supply chain attacks on developers. Researchers at Jamf recently identified ...

慢雾:朝鲜黑客利用 VS Code 自动任务植入后门的攻击手法早在 7 个月 ...

吴说获悉,慢雾科技首席信息安全官 @im23pds 发文提醒,近期备受关注的朝鲜黑客针对开发者的攻击方式,其实早在 7 个月前就已出现在 GitHub 仓库“VSCode-Backdoor”中。该攻击手法涉及朝鲜相关人员利用虚假招聘信息引诱开发人员。一旦开发者打开恶意的 VS Code 项目,隐藏任务会自动运行,从 Vercel 获取 JavaScript ...
Ars Technica

In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet

Thirty years ago today, Netscape Communications and Sun Microsystems issued a joint press release announcing JavaScript, an object scripting language designed for creating interactive web applications ...
The Hacker News

Search results for javascript-extension-vscode | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...
InfoWorld

9 vital concepts of modern JavaScript

JavaScript is a sprawling and ever-changing behemoth, and may be the single-most connective piece of web technology. From AI to functional programming, from the client to the server, here are nine ...
来自MSN

JavaScript in 100 Seconds: The Ultimate Crash Course

A lightning-fast crash course on JavaScript, the world’s most popular programming language. From its 1995 origins as Mocha in Netscape to powering front-end apps, Node.js servers, mobile apps, and ...
IEEE

Protect Your Secrets: Understanding and Measuring Data Exposure in VSCode Extensions

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...
TechSpot

Microsoft replaces legacy JavaScript engine to improve security in Windows 11

In context: Windows has included a proprietary JavaScript engine since the release of Internet Explorer 3.0 nearly 30 years ago. Technically, JScript is Microsoft's own dialect of the ...