Microsoft security is too often an oxymoron. Latest example:
"Microsoft's lack of stringent controls and code reviewing mechanisms on the VSCode Marketplace allows threat actors to perform rampant abuse of the platform, with it getting worse as the platform is increasingly used.
"As you can tell by the numbers, there are plethora of extensions that pose risks to organizations on the Visual Studio Code marketplace," warned the researchers."
https://www.bleepingcomputer.com/news/security/malicious-visual-studio-code-extensions-with-millions-of-installs-discovered/
Dan Gillmor /
npub1ry…kma3q
2024-06-09 23:44:33
Author Public Key
npub1ry2mcdygmcufem93yun6cqvl8q6weyqa8zfyud6ys0kuyr7paaesekma3qPublished at
2024-06-09 23:44:33Event JSON
{
"id": "103449f70051ba7ae446f9be00c95854ed9d844652a29ab1ff0caed8737e36c4",
"pubkey": "1915bc3488de389cecb12727ac019f3834ec901d38924e374483edc20fc1ef73",
"created_at": 1717976673,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/@dangillmor/112589319241859229",
"web"
],
[
"proxy",
"https://mastodon.social/users/dangillmor/statuses/112589319241859229",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.social/users/dangillmor/statuses/112589319241859229",
"pink.momostr"
]
],
"content": "Microsoft security is too often an oxymoron. Latest example:\n\n \"Microsoft's lack of stringent controls and code reviewing mechanisms on the VSCode Marketplace allows threat actors to perform rampant abuse of the platform, with it getting worse as the platform is increasingly used.\n\n\"As you can tell by the numbers, there are plethora of extensions that pose risks to organizations on the Visual Studio Code marketplace,\" warned the researchers.\"\n\nhttps://www.bleepingcomputer.com/news/security/malicious-visual-studio-code-extensions-with-millions-of-installs-discovered/",
"sig": "651ec2dbb486046810a3383bf0ecefa00c34704e2c758c304d96aa358b2af2e18679dd6511be186d594923b190836d1a6ccc08c32a2b5d6b1b1abc3fe00bf286"
}