Key Findings Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions with over 125 million collective installs. The vulnerable extensions are Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live Preview. If successfully exploited, these vulnerabilities could allow threat actors to steal local files and execute code remotely. The researchers warn that a single malicious exte
