Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. "This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control
![]()
source https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html
source https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html