'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Dark Reading
Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no other user interaction.
www.darkreading.com