SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Spotify changes developer mode API to require premium accounts, limits test users

Spotify is now limiting each app to only five users and requires devs to have a Premium subscription. If developers need to ...
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...