• Kuinox@lemmy.world
    link
    fedilink
    arrow-up
    1
    arrow-down
    3
    ·
    7 months ago

    Thing is, tons of code extensions have an RCE in one form or another, but they always hit a localhost, or configurable IP. How do there automated analysis did any difference ?
    Tons of extensions summon the cmd to summon the language devtools, their automated analysis flagged tons of package and they infer millions of infeections from that.