Open VSX Marketplace Flaw Enables Millions of Developers at Risk of Supply Chain Attacks CVE/vulnerabilityCyber Security
Posted: Sun Jun 29, 2025 3:08 pm
A newly disclosed critical vulnerability in the Open VSX Registry, the open-source marketplace for Visual Studio Code (VS Code) extensions, has put millions of developers worldwide at risk of devastating supply chain attacks.
The flaw, discovered by cybersecurity researchers at Koi Security, could have allowed attackers to seize control of the entire extensions marketplace, enabling the silent distribution of malicious updates to developer environments across the globe.
https://gbhackers.com/open-vsx-marketplace-flaw/
The flaw, discovered by cybersecurity researchers at Koi Security, could have allowed attackers to seize control of the entire extensions marketplace, enabling the silent distribution of malicious updates to developer environments across the globe.
https://gbhackers.com/open-vsx-marketplace-flaw/