Supply Chain Poisoning: GitHub Discussions Weaponized for VS Code Malware The integrity of the open-source supply chain is fracturing again. A coordinated campaign has emerged targeting the developer ecosystem, specifically exploiting the trust inherent in GitHub Discussions to distribute malware masquerading as critical Visual Studio Code (VS Code) security patches. This isn’t a standard phishing […]
You can read the full story here: GitHub: Fake VS Code Alerts Spread Malware to Developers .