README.md.
VS Code MCP Social Engineering
While browsing a GitHub repository recently, I noticed a feature with potential as a social engineering vector for payload delivery: a badge providing an almost single-click method to install an arbitrary Model Context Protocol (MCP) server directly from a
Fun With Flags Tasks
While reading this blog post over Christmas, I learned of a VS Code feature that I was previously unaware of. According to the official documentation the tasks feature is intended to provide a bridge between VS Code and external applications for task automation, such as running builds without leaving the IDE. However, as discussed in the Open Source Malware post, attackers are abusing this feature to trigger execution of shell commands when the repo is opened in the IDE.