Flaws in popular VSCode extensions expose developers to attacks
Tue Feb 17 2026
Development
Open Source
Vulnerability
www.bleepingcomputer.com
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local files and execute code remotely. [...]