New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk.
“A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base,”
