VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request.

The post VS Code Configs Expose GitHub Codespaces to Attacks appeared first on SecurityWeek.