Programming

3 readers

1 users here now

This magazine is dedicated to discussions on programming languages, software development, and coding. Whether you are a beginner programmer or an experienced developer, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as coding languages, software engineering, web development, and more. From the latest trends and frameworks to tips and tricks for debugging, this category covers a wide range of topics related to programming.

founded 2 years ago

VS Code's Token Security: Keeping Your Secrets... Not So Secretly - Cycode (cycode.com)

submitted 1 year ago by wave_walnut@kbin.social to c/programming@kbin.social

0 comments fedilink hide all child comments

This is the full story of the vulnerability we have discovered within Visual Studio Code (VS Code) concerning the handling of secure token storage. While designed for isolated storage for each extension, this vulnerability presents a high-risk “Token Stealing” attack. A malicious extension could expose third-party application tokens “securely stored” by your VS Code IDE, posing significant risks to entire organizations.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here