Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/fake-vs-code-alerts-on-github-spread-malware-to-developers/