The cost of trusting the exten... Note

The cost of trusting the extension ecosystem.

GitHub experienced a security breach related to a malicious VS Code extension. Meanwhile, Anthropic contests a Pentagon blacklist, as the White House considers new AI security regulations. Drupal is urgently working on a critical core vulnerability patch. Cisco Talos is tracking the advancement of the BadIIS malware-for-hire system. Signal has implemented anti-phishing safeguards, and Microsoft is taking action against malware-signing services. China claims foreign spies have been hijacking domestic routers for phishing schemes. Wireless carriers are working together to improve cell service in dead zones. Rob T. Lee from SANS Institute discusses the Cloud Security Alliance’s “AI Vulnerability Storm” report. The episode also mentions a book regarding misinformation.