#vs-code-extension
#vs-code-extension

[ follow ]

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

A malicious VS Code extension named susvsex uses AI-assisted code to zip, exfiltrate, and encrypt files and leverages GitHub as a command-and-control channel.

Artificial intelligence

fromZDNET

2 months ago

I spent $20 on Codex and got 24 days of coding work done in 6 hours - but there's a big catch

Using Codex in VS Code for $20/month dramatically increases coding productivity but enforces restrictive usage limits that push users toward expensive premium plans.

Information security

fromTheregister

2 months ago

AWS patches Q Developer after prompt injection, RCE demo

Amazon fixed prompt-injection and RCE-capable vulnerabilities in the Amazon Q Developer VS Code extension by updating the language server and adding human-in-the-loop approval.

[ Load more ]

#vs-code-extension#vs-code-extension

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

I spent $20 on Codex and got 24 days of coding work done in 6 hours - but there's a big catch

AWS patches Q Developer after prompt injection, RCE demo

#vs-code-extension
#vs-code-extension