Three critical vulnerabilities have been found in four popular Visual Studio Code extensions. These extensions have been downloaded over 128 million times. The vulnerabilities are identified as CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717.

Three critical vulnerabilities have been found in four popular Visual Studio Code extensions. These extensions have been downloaded over 128 million times. The vulnerabilities are identified as CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717. The findings from the OX Security Research team, later confirmed on Cursor and Windsurf IDEs, expose a systemic blind spot in modern software supply […] The post Critical Vulnerabilities in VS Code Extensions Threaten 128 Million Developer Environments appeared first on Cyber Security News.

  • wizardbeard@lemmy.dbzer0.comEnglish
    3·
    5 hours ago

    128 million downloads does not mean that many active installs.

    And saving a click:

    • Live Server
    • Code Runner
    • Markdown Preview Enhanced
    • Microsoft Live Preview