Summary
Researchers discovered vulnerabilities in popular VSCode extensions like Live Server and Code Runner that allow for remote code execution and local file theft.
Take Action:
If you are using VSCode extensions, check this advisory. Update Microsoft Live Preview to version 0.4.16 or above. For the others, ideally remove them because they are not updated.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)