Did you know that VSCode extensions run with full access to your system—including file system, network, and credentials? Worse, dozens of malicious extensions have already made it into the marketplace, silently compromising devices.
I am a security researcher and student developer who ran into this problem myself. To help tackle this, I built a 100% free tool (no login required) that scans VSCode (and Cursor/Windsurf) extensions for:
- Hidden malware and obfuscated code
- Dangerous per
Article URL: https://github.com/microsoft/edit
Comments URL: https://news.ycombinator.com/item?id=44372380
Points: 4
# Comments: 1
Article URL: https://docs.rs/subsecond/0.7.0-alpha.1/subsecond/index.html
Comments URL: https://news.ycombinator.com/item?id=44369642
Points: 42
# Comments: 2
https://docs.rs/subsecond/0.7.0-alpha.1/subsecond/index.html
Article URL: https://thezvi.substack.com/p/analyzing-a-critique-of-the-ai-2027
Comments URL: https://news.ycombinator.com/item?id=44370249
Points: 29
# Comments: 17
https://thezvi.substack.com/p/analyzing-a-critique-of-the-ai-2027
Article URL: https://shanrauf.com/archive/how-to-think-about-time-in-programming
Comments URL: https://news.ycombinator.com/item?id=44370426
Points: 26
# Comments: 10
https://shanrauf.com/archive/how-to-think-about-time-in-programming
Article URL: https://www.archives.gov/college-park
Comments URL: https://news.ycombinator.com/item?id=44371169
Points: 52
# Comments: 16