‘Contagious Interview’ Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository’s author, a malicious app executes arbitrary commands on the victim’s system with no other user interaction.