Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results