New Study Reveals Security Flaws in Popular IDEs
CybersecurityIDEVisualStudioCodeVisualStudioIntelliJIDEACursorVulnerabilityDeveloperSecurityMaliciousCodeExtensionVerification
A new study on Integrated Development Environments (IDEs) such as Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension verification process, allowing attackers to execute malicious code on developers' machines. Faulty validation checks in Visual Studio Code enable publishers to add features that can bypass the verified status, making it easier to execute malicious code. This vulnerability directly impacts the security of developers using these IDEs.