Cybersecurity analysts have revealed a significant flaw in the Open VSX Registry (“open-vsx[.]org”) that, if effectively leveraged, might have allowed malicious actors to seize control of the complete Visual Studio Code extensions marketplace, presenting a grave supply chain threat.
“This flaw grants attackers complete dominion over the entire extensions marketplace, thus granting them total control