腾讯网

VS Code 有多么不安全:一个扩展就可能导致公司 GitHub 中的所有代码被 ...

安装一个扩展,就可能被勒索、被擦除掉所有代码?这是真的。 Aqua Security 的研究人员用一项演示,证明了分发伪造 Visual Studio Code(VS Code)扩展有多么简单。他们将这些实际来自不受信来源的扩展,伪装成了看似合法的流行插件,48 小时内成功被安装了 1000 多次。
ZDNet

HackerOne acquires code security tester, review service PullRequest

HackerOne has acquired PullRequest, a code-review-as-a-service platform. The deal was announced on Thursday. No financial details have been disclosed. While robust passwords help you secure your ...