Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk.
"This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/06/critical-open-vsx-registry-flaw-exposes.html