BleepingComputer reports that malicious extensions could facilitate the theft of Windows, macOS, and Linux credential manager-stored authentication tokens using a vulnerability in the Microsoft Visual Studio Code editor and development environment.
Article Link: Authentication token theft by extensions likely with Microsoft VS Code vulnerability | SC Media