恶意的VS代码扩展蠕虫会自动扩散,通过可信赖的储存库破坏开发系统。 A malicious VS Code extension worm spreads automatically, compromising developer systems via trusted repositories.

在视像工作室代码扩展市场中发现了一种自我传播的蠕虫,给开发商带来安全风险。 A self-propagating worm has been discovered in marketplaces for Visual Studio Code extensions, posing a security risk to developers. 恶意代码可在项目和系统之间自动传播,而无需用户互动,因此难以检测。 The malicious code can spread automatically between projects and systems without user interaction, making it difficult to detect. 它利用对官方推广储存库的信任,这有可能损害发展环境。 It exploits trust in official extension repositories, potentially compromising development environments. 安全专家警告用户不要使用不信任的扩展,并在安装前核实来源。 Security experts warn users to avoid untrusted extensions and verify sources before installation.